PyXie RAT Targeting Health & Educational Organization: Stealing Credentials and Password

PyXie RAT uses .pyx File Extension to execute its code instead of .pyc Python-based files

According to report, security experts & researchers have discovered a new Remote Access Trojan (RAT) that is currently being used to collect login credentials, record videos and keylogging components in its objectives. Security researchers have explained that PyXie RAT is new name of RAT Virus that is capable to gained access to targeted machine and cybercriminal to control their PC. However, it is also hard to detect this infection by most of the security application because this data stealing virus doesn’t shows up in lists of running programs or tasks.

In other word, we can say that the action performs by PyXie RAT can be similar to those of genuine programs. Furthermore, hacker behinds this attack manages the level of resources use so that drop the performance doesn’t notify the targeted users that something’s amiss. Let’s start the discussion about this new Remote Access Trojan (RAT) in detail.

Researchers explained new Trojan: PyXie RAT Stealing Credentials and Passwords

As per our research, PyXie RAT was discovered in campaign actively targeting healthcare and education organization/company. This new Data-stealing virus is Python-based custom build capable of keylogging, credentials harvesting, recording videos, cookies theft as well as ability to perform man-in-the-middle attacks.

Furthermore, security experts also states that PyXie RAT can also used to inject other malware like Ransomware if the cyber crooks so chose. The malware is also designed to steal login credentials & password details and after complete its tasks, it clears the evidence that it had been on the System to avoid detection.

Researchers named the malware as PyXie because of the ways it executes the code uses .pyx File Extension instead of .pyc that is associated with Python files. PyXie RAT has been active since 2018 and given that it is highly customized bit of code that it is safe to assume a lot of time and resources went into its development.

PyXie RAT uses Side-loading techniques where malware leverage genuine applications to gain foothold on targeted System. It is not easy task to detect this infection by most of the security application. Researchers explained that this nasty Trojan was been distributed by Trojan version of popular free online game. Once game is downloaded, it will secretly install PyXie RAT in targeted machine and allows the cyber crooks behind this attack to grant admin right. For any suggestions or quires, please write on comment box given below and be careful against malware or spyware infection.