Dual-stage phishing attack installs LogMeIn RMM for persistent access Source: thehackernews.com/2026/01/p… Researchers disclosed a new phishing campaign that uses stolen credentials to deploy LogMeIn Resolve (formerly GoTo Resolve) Remote Monitoring and Management (RMM) software. The attack employs a two-stage process, first capturing legitimate login information and then silently installing RMM tools signed with valid certificates to maintain persistent access to compromised Windows hosts. Security analysts warn that this technique enables long-term unauthorised administration unless detected early.
Dual-stage phishing attack installs LogMeIn RMM for persistent access
Edward Kiledjian
@ekiledjian