
MoDi RAT

Posted: March 31, 2021

The MoDi RAT is a Remote Access Trojan being used by multiple cybercrime organizations and individuals who employ it in attacks against both companies and individual users. A Remote Access Trojan (RAT) is meant to work silently on compromised systems and enable its operators to access the file system, settings, processes, and many other utilities found on the infected machine. By doing so, they could collect data, plant additional malware, hijack login credentials and more. Needless to say, MoDi RAT is a very threatening project, and users must take the necessary precautions to prevent this malware from reaching their device.

The MoDi RAT is typically distributed via fake downloads or corrupted email attachments that pose as important content such as an invoice or another document of interest. However, these documents pack a corrupted macro script whose execution is meant to deploy the MoDi RAT and initialize its core modules, setting off the attack.

Surprisingly, the MoDi RAT's core features are not that impressive, but it has one major advantage over other RATs with limited capabilities – it is able to freely abuse the PowerShell utility to execute separate commands or entire PowerShell scripts provided by the criminals. This may grant the RAT almost unlimited control over the compromised device.

Needless to say, MoDi RAT's attacks can be devastating, and you should be prepared for them. As mentioned above, the most important layer of defense is to install and activate an up-to-date anti-malware application. You should also avoid browsing shady websites and stay away from suspicious and unknown emails, especially if they urge you to download a file.
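The delivery chain described above (a macro-laden document that ends in PowerShell execution) leaves a recognizable process ancestry that defenders can hunt for. The following is an added example, not part of the original post and not taken from any MoDi RAT sample: it walks constructed process-creation records, shaped loosely like Sysmon Event ID 1, and flags any PowerShell process that has an Office application among its ancestors. The record fields, file names and process lists are assumptions made for the illustration.

```python
from ntpath import basename  # parses Windows paths on any host OS

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}

# Constructed sample records; real telemetry should key on process GUIDs, since PIDs get reused.
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe", "cmd": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "cmd": 'WINWORD.EXE "invoice.docm"'},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe /c placeholder.cmd"},
    {"pid": 220, "ppid": 210, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "cmd": "powershell.exe -WindowStyle Hidden -File placeholder.ps1"},
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "cmd": "powershell.exe Get-ChildItem"},
]

def office_ancestor(event, by_pid, max_depth=8):
    """Return the nearest Office ancestor's image name, or None if there is none."""
    seen = set()  # guards against parent loops in malformed or reused-PID data
    cur = by_pid.get(event["ppid"])
    while cur is not None and cur["pid"] not in seen and len(seen) < max_depth:
        seen.add(cur["pid"])
        name = basename(cur["image"]).lower()
        if name in OFFICE:
            return name
        cur = by_pid.get(cur["ppid"])
    return None

def find_office_powershell(events):
    """Flag PowerShell processes launched directly or indirectly by an Office app."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if basename(e["image"]).lower() not in POWERSHELL:
            continue
        parent = office_ancestor(e, by_pid)
        if parent:
            alerts.append({"pid": e["pid"], "office_parent": parent, "cmd": e["cmd"]})
    return alerts

if __name__ == "__main__":
    for alert in find_office_powershell(SAMPLE_EVENTS):
        print(alert)
```

Walking the full ancestry rather than only the direct parent catches chains that pass through an intermediate process such as `cmd.exe`, while the interactive PowerShell session started from `explorer.exe` is left alone.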
