Hackers abuses Microsoft Build Engine (MSBuild) to filelessly deliver malware on Windows systems, including RAT and password-stealer. Researchers from Anomali observed threat actors abusing MSBuild to deliver remote access trojans and RedLine Stealer. MSBuild is a free and open-source build tool set for managed code as well as native C++ code and was part of the.NET Framework. The campaign has begun in April 2021 and is still ongoing, experts pointed out that it has low or zero detections.”]
Source: https://securityaffairs.co/wordpress/117969/malware/msbuild-delivers-rat.html