Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through browsers and chat platforms to deploy a remote access trojan. “Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or […] Attackers spread trojanized gaming tools to deliver a stealthy RAT using PowerShell, LOLBins, and Defender evasion tactics. Threat actors are tricking users into running trojanized gaming utilities shared through browsers and chat platforms to deploy a remote access trojan. “Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or RobloxPlayerBeta.exe) distributed through browsers and chat platforms, leading to the deployment of a remote access trojan (RAT).” Microsoft Threat Intelligence team wrote on X. Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or RobloxPlayerBeta.exe) distributed through browsers and chat platforms, leading to the deployment of a remote access trojan (RAT).A malicious downloader pic.twitter.com/87Yum5y78z— Microsoft Threat Intelligence (@MsftSecIntel) February 26, 2026
Published: 2026-02-28T07:33:39