Fake Huorong security site infects users with ValleyRAT | Malwarebytes

A fake Huorong Security website has been used to distribute ValleyRAT, a sophisticated Remote Access Trojan (RAT), by the Silver Fox APT group. This campaign exploits users' trust by impersonating a legitimate security product, employing techniques like DLL sideloading and disabling Windows Defender to achieve persistence and steal sensitive information.