Malicious actors have been secretly embedding the njRAT remote access trojan in free hacking tools as well as cracks of those tools, in a bid to compromise anyone who downloads this software from various websites and forums.
Essentially, this adversary is trying to turn other hackers into victims, taking over their machines for reasons that could range from conducting distributed denial of service attacks to stealing data, according to a blog post today by Cybereason, featuring research from Amit Serper, VP of security strategy and principal researcher with the company’s Nocturnus security research team. Indeed, njRat offers up many nefarious possibilities, with capabilities that include keylogging, taking screenshots, recording via webcams and microphones, and file manipulation and exfiltration.
The campaign, identified by the Cybereason Nocturnus team, has apparently been taking place for years and has generated nearly 1,000 malware samples in that time, with new variations of njRAT being added on a daily basis.
“It is safe to assume that many individuals have been infected by this ca ..
Support the originator by clicking the read the rest link below.
