Fake Trump’s scandle video campaign spreading QNode RAT

Fake Trump’s scandle video campaign spreading QNode RAT

Hackers are benefitting from the unrest after the US Presidential elections and spreading QNode malware but this time it tricks users into believing that they are about to watch an x-rated video of Donald Trump.

Despite that the US presidential elections are over, cybercriminals do not seem to let go of the hype. Perhaps this is why they have come up with another campaign to deliver a remote access trojan (RAT) disguised as Donald Trump’s sex video.

QNode RAT Downloader

Trustwave security researchers have identified a new malspam campaign. The researchers suspected foul play because the email attachment didn’t match the theme of the email body. Further probe revealed that the attachment is a variant of the Windows-based QRAT downloader.

It is worth noting that QRAT was also used in 2016 against Skype users to steal their credentials after infecting their device with malware.

The emails’ JAR file seems to have the same purpose as previously discovered Node.js QRAT downloaders. Diana Lopera, Trustwave’s senior security researcher, explained about the latest QRAT downloader in a report.

See: ElectroRat crypto-stealing malware hits MacOS, Windows, Linux devices

Lopera wrote that the new variant has undergone modifications, the email campaign itself is a bit amateurish.

“While the attachment payload has some improvements over previous versions, the email campaign itself was rather amateurish, and we believe that the chance thi ..