{"id":232253,"date":"2026-02-28T02:12:23","date_gmt":"2026-02-28T08:12:23","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/02\/trojanized-gaming-tools-spread-java-based-rat-via-browser-and-chat-platforms"},"modified":"2026-02-28T02:12:23","modified_gmt":"2026-02-28T08:12:23","slug":"trojanized-gaming-tools-spread-java-based-rat-via-browser-and-chat-platforms","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/02\/trojanized-gaming-tools-spread-java-based-rat-via-browser-and-chat-platforms","title":{"rendered":"Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/trojanized-gaming-tools-spread-java-based-rat-via-browser-and-chat-platforms.jpg\"><\/a><\/p>\n<p>Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT).<\/p>\n<p>\u201cA malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar,\u201d the Microsoft Threat Intelligence team <a href=\"https:\/\/twitter.com\/MsftSecIntel\/status\/2027070355487997998\" rel=\"noopener\" target=\"_blank\">said<\/a> in a post on X. \u201cThis downloader used PowerShell and living-off-the-land binaries (LOLBins) like cmstp.exe for stealthy execution.\u201d<\/p>\n<p>The attack chain is also designed to evade detection by deleting the initial downloader and by configuring Microsoft Defender exclusions for the RAT components.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT). \u201cA malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar,\u201d the Microsoft Threat Intelligence team said in a post on X. [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1509],"tags":[],"class_list":["post-232253","post","type-post","status-publish","format-standard","hentry","category-entertainment"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/232253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=232253"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/232253\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=232253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=232253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=232253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}