Malware Meets PowerShell: How CyberEYE RAT Disarms Windows Defender

A new and highly sophisticated Remote Access Trojan (RAT), CyberEYE, has surfaced as a growing threat to Windows environments. Written in .NET and built for modular deployment, this malware stands out for its ability to completely disable Windows Defender using a combination of PowerShell scripting and registry manipulations.

Command & Control via Telegram

CyberEYE’s communication infrastructure is built on Telegram’s Bot API, which allows threat actors to control infected systems without maintaining their own backend infrastructure. This use of a popular, encrypted messaging platform complicates detection and containment efforts.

Plug-and-Play Malware for the Masses

CyberEYE includes a user-friendly builder interface, allowing even low-skilled attackers to generate custom payloads without writing code. This ease of use, combined with its feature-rich design, is accelerating adoption across cybercriminal communities. It is distributed via multiple channels inclu...