Voicemail Trap: German-Language Voicemail Lure Leads to Remote Access

Censys observed a voicemail-themed social engineering campaign (≈86 cadillac.ps web properties) that tricks German-language targets into downloading and running a BAT which plays decoy audio and silently installs the legitimate Remotely RMM agent, enrolling systems into an attacker-controlled Remotely server; the report includes domains, S3 audio URL, script and binary hashes, Remotely download URLs, and on-host artifacts for detection.