Upgraded ChaChi RAT used to escalate attacks on education orgs
https://www.bleepingcomputer.com/news/security/pysa-ransomware-backdoors-education-orgs-using-chachi-malware/
"After initial sightings in attacks during the first quarter of 2020, ChaChi’s code was altered to include obfuscation and persistence in late March or early April," the BlackBerry Threat Research and Intelligence Team says in a report shared in advance with BleepingComputer.
"Very soon after that, we started seeing ChaChi variants with the added DNS tunnelling and Port-Forwarding/Proxy functionality."
Upgraded ChaChi RAT used to escalate attacks on education orgs
Jun 23, 2021, 1:54pm UTC
https://www.bleepingcomputer.com/news/security/pysa-ransomware-backdoors-education-orgs-using-chachi-malware/
> "After initial sightings in attacks during the first quarter of 2020, ChaChi’s code was altered to include obfuscation and persistence in late March or early April," the BlackBerry Threat Research and Intelligence Team says in a report shared in advance with BleepingComputer.
> "Very soon after that, we started seeing ChaChi variants with the added DNS tunnelling and Port-Forwarding/Proxy functionality."