
The Trojan horse known as SeroXen has become increasingly popular recently, as cybercriminals have begun using it for its powerful capabilities and low detection rate.
The American telecommunications company AT&T confirmed that this malware is sold disguised as a legitimate remote access tool for Windows 11 and Windows 10 operating systems.
It is available for $15 USD per month, or a one-time payment of $60 USD for a “lifetime” license.
Although SeroXen is marketed as a legitimate tool, the cyber intelligence platform Flare Systems confirmed that it is promoted as a remote access Trojan on hacking forums.
It is not clear whether the people promoting the software on those forums are the developers themselves or suspicious distributors.
Nevertheless, the cost of obtaining this remote access software is low, making it accessible to threat actors. AT&T has monitored hundreds of samples since its launch in September 2022, and has seen an increase in its activity recently.
Most victims of SeroXen were found to belong to the gaming community, and as the tool grows in popularity, its targeting may expand to include large companies and organizations.
SeroXen relies on several open-source projects, including: Quasar RAT, r77 rootkit, and the NirCmd command-line tool.
AT&T stated in its report: “The SeroXen developer found an impressive combination of free resources to develop a tool that is difficult to detect in static and dynamic analysis of remote access viruses”.
AT&T observed attacks delivering SeroXen through phishing emails or Discord channels, where cybercriminals distribute ZIP archives containing heavily obfuscated files.
Once these files, which contain smaller components, are installed, they plant those components in the operating system. The components then inject SeroXen into system memory, which keeps it undetected while it provides remote access to the device.
After the remote access malware starts running, it establishes a connection with the command and control server and waits for commands issued by the attackers.
AT&T fears that the growing popularity of the SeroXen remote access Trojan will attract hackers interested in targeting large organizations rather than gamers, and the company has published indicators of compromise for network defenders to use.
In summary:
The Trojan horse known as SeroXen has recently gained popularity as a remote access tool, as cybercriminals have begun using it for its powerful capabilities and low detection rate. Although it is marketed as legitimate software, the cyber intelligence platform Flare Systems indicates that it is promoted on hacking forums as a remote access Trojan. It is not clear whether those promoting it are the developers themselves or suspicious distributors.
The American telecommunications company AT&T has been tracking the SeroXen malware, which is sold as a legitimate remote access tool for Windows 10 and Windows 11 operating systems for $15 USD per month or $60 USD for a “lifetime” license. Although most victims targeted by SeroXen are in the gaming community, its growing popularity may expand its targeting to include large companies and organizations. AT&T has been monitoring a large number of samples since its launch in September 2022 and has noticed an increase in its activity recently. The cost of obtaining this malware is low, making it easily accessible to threat actors and raising cybersecurity concerns.