Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT.
The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week.
The infection chain commences with a phishing page that's designed to encourage victims to download a malicious Microsoft Installer (MSI) package disguised as legitimate software.
https://thehackernews.com/2025/01/pngpl ... eyrat.html