THE article discusses the discovery of fake software installers on GitHub and SourceForge distributing the Deno RAT called DinDoor. Attackers are exploiting popular software names like ChatGPT and AutoTune, using compromised YouTube channels to direct users to malicious repositories. The infection typically involves downloading MSI files or PowerShell scripts, which then install Deno to execute remote access Trojan (RAT) operations.
The malicious RAT can extract data from browsers, wallets, and control devices, utilizing browser-based peer-to-peer streaming to obfuscate its activity. Users are advised to download software only from official sources and review the integrity of file publishers.