FILTERING BY: CLEAR FILTER

TA4922 Deployment of Atlas RAT Malware via Silver Fox Campaign

The Chinese-linked threat actor TA4922 is conducting high-velocity cyberattacks across Europe and Africa using the undocumented Atlas RAT (also known as AtlasCross). The campaign utilizes a social engineering technique dubbed "Silver Fox," where attackers distribute weaponized VPN installers to gain unauthorized system access. By masquerading as legitimate remote-access software, the malware effectively bypasses perimeter security controls. Once installed, the Atlas RAT establishes persistent backdoor access, enabling remote command and control (C2) capabilities. This rapid deployment of specialized malware highlights a significant shift in the actor's operational scope and technical sophistication in targeting organizations reliant on VPN infrastructure.


LINK COPIED TO CLIPBOARD