Attackers Abuse Court Documents, GitHub Payloads to Infect Judicial Targets With COVERT RAT

A new wave of targeted attacks is quietly hitting Argentina's judicial system This article explores hitting argentina judicial. . They use fake court documents to trick lawyers into installing a dangerous piece of malware.

The campaign, officially called Operation Covert Access, sends out spear-phishing emails that look a lot like real federal court communications. These emails contain a Rust-built Remote Access Trojan called COVERT RAT. Once the threat gets into a system, the attackers can control the infected machine and everything on it for a long time. The operation directly targets Argentina's legal system, including federal courts, lawyers, government justice agencies, schools, and advocacy groups.

Attackers made phishing emails based on real decisions made by the Argentine federal court about reviews of preventive detention, knowing that lawyers would not question the validity of these documents.

You should never open email attachments from people you don't know, especially compressed archive files. Don't click on links that look suspicious or download files from places that aren't official. Check Task Manager often to see what processes are running and look into any entries you don't recognize, like msedge_proxy.exe.

Do not install cracked or pirated software because these are often used to spread infections. Set ZeroOwl as your preferred source in Google to get more instant updates on Facebook, LinkedIn, and X.