Fake AI Guides and Developer Resources Used to Deliver AsyncRAT Malware
A malware campaign disguises malicious files as AI study guides and developer resources to infect Windows users with AsyncRAT and a secondary remote access trojan. The attack uses booby-trapped archives containing shortcut files, hidden documents, PowerShell scripts, and repurposed AutoHotkey components to execute a multi-stage infection chain while displaying legitimate-looking decoy content. Once installed, the malware establishes persistence through scheduled tasks, employs process hollowing for stealth, and connects to command-and-control servers to give attackers remote access to compromised systems. Researchers warn that the campaign reflects a growing trend of attackers exploiting interest in AI-related content, and they recommend stronger monitoring of scripting engines, PowerShell activity, and suspicious downloads.
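An added triage example (not from the original article or the researchers) for the archive stage described above: it flags a downloaded ZIP that pairs a shortcut file with a script or a hidden member. The extensions checked, the DOS hidden-attribute test, and all sample file names are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed heuristics, derived from the components the summary lists.
SHORTCUT = {".lnk"}          # Windows shortcut files
SCRIPT = {".ps1", ".ahk"}    # PowerShell and AutoHotkey scripts (assumed extensions)
DOS_HIDDEN = 0x02            # DOS "hidden" bit in the low byte of external_attr


def triage_archive(data: bytes) -> dict:
    """List chain components found in a ZIP and return a verdict."""
    findings = {"shortcuts": [], "scripts": [], "hidden": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ext = PurePosixPath(info.filename).suffix.lower()
            if ext in SHORTCUT:
                findings["shortcuts"].append(info.filename)
            if ext in SCRIPT:
                findings["scripts"].append(info.filename)
            if info.external_attr & DOS_HIDDEN:
                findings["hidden"].append(info.filename)
    # A shortcut alone is noisy; shortcut plus script or hidden member is the pattern.
    findings["suspicious"] = bool(findings["shortcuts"]) and bool(
        findings["scripts"] or findings["hidden"])
    return findings


def build_sample(members) -> bytes:
    """Constructed test archive from (name, hidden) pairs with placeholder content."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, hidden in members:
            info = zipfile.ZipInfo(name)
            info.external_attr = DOS_HIDDEN if hidden else 0
            zf.writestr(info, b"placeholder")
    return buf.getvalue()


# Constructed samples: no real file names or content from the campaign.
LURE = build_sample([("AI_Study_Guide.pdf.lnk", False), ("docs/notes.docx", True),
                     ("docs/run.ps1", True), ("docs/helper.ahk", False)])
BENIGN = build_sample([("guide.pdf", False), ("README.txt", False)])

if __name__ == "__main__":
    print(triage_archive(LURE))
    print(triage_archive(BENIGN))
```

A hit here is a reason to quarantine the archive and review it, not proof of infection; legitimate software bundles can also ship shortcuts and scripts.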
Reference: infosecurity-magazine.com