Threat Actors Exploiting Windows Systems To Deploy Multiple Malwares

A sophisticated phishing campaign is leveraging Python obfuscation, shellcode generation, and multiple evasion techniques to deliver malware to Windows systems. The multi-stage attack uses a deceptive customer service request to install XWorm, VenomRAT, AsyncRAT, and PureHVNC, granting attackers remote control of the system. The attack typically begins with an HTML attachment in a phishing email, followed by the activation of various malicious scripts and files.