Experts at Microsoft uncovered a malicious campaign that delivers the FlawedAmmyy RAT directly in memory.
The FlawedAmmyy backdoor borrows the code of the Ammyy Admin remote access Trojan and allows attackers to get full access to a victim’s machine. The FlawedAmmyy RAT allows stealing sensitive data from infected systems and exfiltrating files.
The FlawedAmmyy Remote Access Trojan was involved in attacks carried out by the threat actors tracked as TA505.