KimJongRAT Malware Targets Windows Users via Phishing

Security researchers have confirmed that KimJongRAT, a sophisticated remote access Trojan attributed to the Kimsuky group, is actively distributed via weaponized .hta files targeting Windows users. The malware is disguised as a tax notice and uses social engineering tactics to harvest sensitive credentials and system information. The attack chain involves phishing emails, LNK files, and Google Drive URLs to evade detection. Users are advised to keep their systems updated and exercise caution with email attachments.