Home / Cybersecurity / Fake Amnesty International Pegasus scanner used to infect Windows

Fake Amnesty International Pegasus scanner used to infect Windows

Pegasus

Threat actors are trying to capitalize on the recent revelations on Pegasus spyware from Amnesty International to drop a less-known remote access tool called Sarwent.

The malware looks and acts the part of a legitimate antivirus solution specially created to scan the system for traces of Pegasus traces and to remove them.

Antivirus look with a RAT’s bite

Sarwent-based attacks have been running since at least the beginning of the year, in January, and targeted a variety of victim profiles in several countries.

Source