Escanor malware delivered in weaponized Microsoft Office documents

22-Aug-22

Resecurity, a cybersecurity firm based in Los Angeles that guards the Fortune 500 globally, discovered Escanor, a new RAT (Remote Administration Tool) that was being promoted on the Dark Web and Telegram.

The threat actors provide RATs for PC and Android platforms, as well as an exploit builder, HVNC module, and Adobe PDF and Microsoft Office document weaponization tools. Cybercriminals actively exploit the mobile version of Escanor to target online banking users by intercepting OTP codes. Read More…