I Smell a RAT! – New Malware that steals passwords, webcam and browser data

 

RATs are afoot it seems and they are nasty little buggers who are wreaking havoc for end-users with a wicked bit of malware. Microsoft has issued an alert for 2 RAT’s in particular – which are RevengeRAT and AsyncRAT.

What is a RAT? A RAT is A Remote Access Trojan (RAT) which is a type of malware that provides the attacker with full remote control over your system. Sounds scary right? Well it is. We aren’t talking about rats with pizza here (NY phenom below) – we are talking about hackers taking over your computers, webcams and data.

Microsoft has issued an alert over a (RAT) dubbed RevengeRAT that it says has been used to target aerospace and travel sectors with spear-phishing emails.

RevengeRAT, also known as AsyncRAT, is being distributed via carefully crafted email messages that prompt employees to open a file masquerading as an Adobe PDF file attachment that in fact downloads a malicious visual basic (VB) file.

Security firm Morphisec recently flagged the two RATs as part of a sophisticated Crypter-as-a-Service that delivers multiple RAT families.

According to Microsoft, the phishing emails distribute a loader that then delivers RevengeRAT or AsyncRAT. Morphisec says it also delivers the RAT Agent Tesla.

“The campaign uses emails that spoof legitimate organizations, with lures relevant to aviation, travel, or cargo. An image posing as a PDF file contains an embedded link (typically abusing legitimate web services) that downloads a malicious VBScript, which drops the RAT payloads,” Microsoft said.

As we shared back in April, phishing attempts are on the rise. Ransomware/Malware has become BIG business, and nefarious organizations are cashing in with hapless clicks.

As we try to constantly counsel – if you are not expecting an attachment or email – check with the sender first. Gone are the days that we can innocently click on attachments with hopes that they are legitimate. Question then verify is a good rule of thumb for emails. Antispam and Anti-virus are amazing tools – but even the best programs may let an errant email/attachment in. Remember – the hackers JOB is to fool just 1 person. If they pick the RIGHT person – it can take an organization down.

Be smart – look out for RATS.

To read more about the Microsoft alert – you can read about it here. (ZDNET)