Dossier
EtherRAT
Coverage of EtherRAT in the Nexus archive.
- Fake IT support calls on Microsoft Teams push EtherRAT malware
Threat actors are using Microsoft Teams voice calls to impersonate corporate IT support staff, tricking employees into installing EtherRAT malware. This malware grants attackers initial access to corporate networks.
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
A sophisticated malicious campaign, identified by Atos Threat Research Center in March 2026, targets enterprise administrators, DevOps engineers, and security analysts by impersonating administrative tools via GitHub facades. The operation uses SEO techniques to distribute EtherRAT, a high-resilience malware.