StrRAT Masquerades as Ransomware bankinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bankinfosecurity.com Daily Mail and Mail on Sunday newspapers.
minute read
Share this article:
Microsoft Security discovered malicious PDFs that download Java-based StrRAT, which can steal credentials and change file names but doesn’t actually encrypt.
An email campaign is delivering a Java-based remote access trojan (RAT) that can not only steal credentials and take control of systems, but also presents as fake ransomware, Microsoft researchers have discovered.
The Microsoft Security Intelligence (MSI) team has outlined details of a “massive email campaign” delivering the StrRAT malware that they observed last week and reported in a series of tweets earlier this week.
StrRAT is a Java-based remote access tool which steals browser credentials, logs keystrokes and takes remote control of infected systems all typical behaviors of RATs, MSI researchers described in documentation posted on GitHub about the malware. The RAT also has a module to download an additional payload onto the infected machine based on command-and-contr
Watch your work email for malware that can hijack your system By Charlie Fripp, Komando.com
Business infrastructure and email systems should be of the highest priority for all companies. If hackers manage to infect corporate networks with malware, there is no telling what information they can steal.
But sometimes, even the best systems can be breached when employees arenât careful or negligently divulge information. Over the last few months, Microsoft said that it has been tracking several spear-phishing attacks targeting companies. Tap or click here to see the biggest threat to small businesses in 2021.
A new attack has been discovered with emails designed to inject malware onto a companyâs network. Once an unsuspecting employee opens it, the payload is set in motion to steal as much as it can from a companyâs servers.
What you need to know
Phishers are at it again, distributing data theft Trojans.
Microsoft has been following their activities.
Microsoft Security Intelligence released findings on Twitter.
Today in predictable cybercrime, there s a campaign going on wherein phishers are targeting people in the travel and aerospace industries with malicious emails containing loaders that pave the way for remote access Trojans (RATs) to steal data. Microsoft Security Intelligence exposed the whole operation over on Twitter.
In the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT. pic.twitter.com/aeMfUUoVvf Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021
Ransomware is spiking as cyberattacks on Microsoft jump, according to a report.
The two trends are overlapping in the wake of the Cybersecurity and Infrastructure Security Agency’s (CISA) recent alerts on ransomware attacks targeting Microsoft Exchange servers, according to Check Point Research (CPR).
The CPR report cited a 57% increase in ransomware attacks on organizations it tracks within the last six months and a 9% increase in ransomware attacks each month since the beginning of the year.
And the number of attacks on Microsoft Exchange servers tripled in the week before the report was published, bringing the total number of attacks on Microsoft Exchange servers documented by CPR to over 50,000. In response to these attacks, Microsoft Security Intelligence tweeted on March 11 that ransomware was being used to exploit Exchange Servers.