Malicious JavaScript Loader is a Multi-RAT Dispenser

by ITECHNEWS
November 25, 2021

Researchers are warning of a new JavaScript loader being used to distribute eight Remote Access Trojans (RATs) in information-stealing campaigns.

A team at HP Wolf named the tool “RATDispenser,” and warned that it currently has a detection rate of only 11%.

“As with most attacks involving JavaScript malware, RATDispenser is used to gain an initial foothold on a system before launching secondary malware that establishes control over the compromised device,” explained HP malware analyst, Patrick Schläpfer.

“Interestingly, our investigation found that RATDispenser is predominantly being used as a dropper in 94% of samples analyzed, meaning the malware doesn’t communicate over the network to deliver a malicious payload.”

RATDispenser arrives as a malicious attachment in a phishing email. If the user double-clicks it, the obfuscated JavaScript runs, decodes itself and uses cmd.exe to write a VBScript file to a temporary folder.

This VBScript file then downloads the malware payload and, if successful, will subsequently delete itself.
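
The drop chain described above (a script host running a .js file, then cmd.exe writing a .vbs file into a temporary folder) can be hunted in process-creation telemetry. The following is an added example, not code from HP's report; the event field names, paths and sample events are constructed, and it assumes the attachment runs under Windows Script Host (wscript.exe or cscript.exe) when double-clicked.

```python
import re

# Constructed process-creation events (pid, parent pid, image, command line).
# Field names, paths and file names are illustrative, not taken from the HP report.
SAMPLE_EVENTS = [
    {"pid": 2200, "ppid": 900, "image": r"C:\Windows\explorer.exe",
     "cmdline": r"C:\Windows\explorer.exe"},
    {"pid": 4100, "ppid": 2200, "image": r"C:\Windows\System32\wscript.exe",
     "cmdline": r'wscript.exe "C:\Users\alice\Downloads\invoice.js"'},
    {"pid": 4188, "ppid": 4100, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r'cmd.exe /c echo placeholder > "C:\Users\alice\AppData\Local\Temp\a1b2.vbs"'},
    # Benign look-alikes: a .vbs copied to Temp from an interactive shell,
    # and a .js admin script whose cmd.exe child writes no .vbs.
    {"pid": 5000, "ppid": 2200, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c copy report.vbs %TEMP%\report.vbs"},
    {"pid": 5100, "ppid": 2200, "image": r"C:\Windows\System32\cscript.exe",
     "cmdline": r"cscript.exe C:\Scripts\inventory.js"},
    {"pid": 5120, "ppid": 5100, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c ver"},
]

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
JS_ARG = re.compile(r"\.jse?\b", re.I)  # .js / .jse, but not .json
VBS_IN_TEMP = re.compile(r'(?:\\te?mp|%te?mp%)\\[^"\\]*\.vbs\b', re.I)

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def find_js_to_vbs_drops(events):
    """Return cmd.exe events that reference a .vbs in a temp folder and whose
    parent is a script host started with a JavaScript file."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if basename(e["image"]) != "cmd.exe":
            continue
        parent = by_pid.get(e["ppid"])
        if parent is None or basename(parent["image"]) not in SCRIPT_HOSTS:
            continue
        if JS_ARG.search(parent["cmdline"]) and VBS_IN_TEMP.search(e["cmdline"]):
            hits.append({"pid": e["pid"], "script": parent["cmdline"], "cmd": e["cmdline"]})
    return hits

if __name__ == "__main__":
    for hit in find_js_to_vbs_drops(SAMPLE_EVENTS):
        print(hit)
```

On real telemetry, join parent and child on a stable process identifier (such as Sysmon's ProcessGuid) rather than the pid, since pids are reused.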

The eight malware families include: keylogger and info-stealer Formbook; Java RAT STRRAT, which has remote access, credential stealing and keylogging features; downloader GuLoader; and an open source Java RAT known as Ratty.

According to Schläpfer, the most interesting payload is Panda Stealer.

“First seen in April 2021, this is a new malware family that targets cryptocurrency wallets,” he explained. “The Panda Stealer samples we analyzed were all fileless variants that download additional payloads from a text storage site, paste.ee.”

Panda Stealer and Formbook are always downloaded rather than dropped, but they’re in the minority in terms of the payloads associated with RATDispenser.

“The variety in malware families, many of which can be purchased or downloaded freely from underground marketplaces, and the preference of malware operators to drop their payloads, suggest that the authors of RATDispenser may be operating under a malware-as-a-service business model,” said Schläpfer.

Phil Muncaster UK / EMEA News Reporter, Infosecurity Magazine
