The downloader has been detailed by cybersecurity researchers at HP Wolf Security, who’ve called it RATDispenser.
Once installed, RATDispenser is used to distribute a variety of different malware, including trojans, keyloggers and information stealers, all designed to steal sensitive data from the user.
The most frequently distributed malware downloads are STRRAT and WSHRAT, which account for 4 in 5 of the analysed samples. But other forms of malware have also been distributed by RATDispenser, including invasive information stealers such as Adwind, Formbook, Remcos, Panda Stealer, GuLoader and Ratty.
Some of these trojans, like Panda Stealer, are relatively new, having only been discovered this year, while others, such as WSHRAT, have been active for several years.
At the time the research was published, RATDispenser was only detected by one in 10 available anti-virus engines.
“It's particularly concerning to see RATDispenser only being detected by about 11% of antivirus systems, resulting in this stealthy malware successfully deploying on victims’ endpoints in most cases,” said Patrick Schlapfer, malware analyst at HP.
“RATs and keyloggers pose a silent risk, helping attackers to gain backdoor access to infected computers and steal credentials from enterprise accounts and even cryptocurrency wallets. From here, cyber criminals can siphon off sensitive data, escalate their access, and in some cases sell this access on to ransomware groups,” he added.