Korean Word Processor Scam Alert Orcus RAT Lurking in Cracked Versions

Threat Level – Amber | Vulnerability Report
Download PDF

Orcus RAT, formerly known as Schnorchel, first appeared in April 2016 and allows for remote control of infected systems. Intruders are attempting to deploy a variant of Orcus RAT along with XMRig CoinMiner, disguised as a cracked version of Hangul Word Processor 2022, in an ongoing campaign. The malicious programs were distributed and infected via several file-sharing sites.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox