NiceRAT Malware Targets South Korean Users via Cracked Software

Jun 17, 2024 | Newsroom | Botnet / Cryptocurrency

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet.

The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office.

“Due to the nature of crack programs, information sharing amongst ordinary users contributes to the malware’s distribution independently from the initial distributor,” the AhnLab Security Intelligence Center (ASEC) said.

“Because threat actors typically explain ways to remove anti-malware programs during the distribution phase, it is difficult to detect the distributed malware.”

Alternate distribution vectors involve the use of a botnet comprising zombie computers that are infiltrated by a remote access trojan (RAT) known as NanoCore RAT, mirroring prior activity that leveraged the Nitol DDoS malware for propagating another malware dubbed Amadey Bot.


NiceRAT is an actively developed open-source RAT and stealer malware written in Python that uses a Discord Webhook for command-and-control (C2), allowing the threat actors to siphon sensitive information from the compromised host.
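One way a defender can hunt for the Discord webhook C2 channel described above is to look for webhook POSTs from processes that have no reason to talk to Discord. This is an added example, not code from the article or from ASEC; the proxy log format, host and process names, the allowlist and the webhook IDs and tokens are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Discord webhook endpoints: /api/webhooks/<id>/<token>, optionally versioned (/api/v10/...).
WEBHOOK_PATH = re.compile(r"^/api/(?:v\d+/)?webhooks/\d+/[\w-]+")
DISCORD_HOSTS = {"discord.com", "discordapp.com"}
# Assumption: processes expected to talk to Discord in this environment.
ALLOWED_PROCESSES = {"discord.exe", "chrome.exe", "msedge.exe", "firefox.exe"}

# Constructed sample proxy log: time, host, process, method, URL (format is an assumption).
SAMPLE_LOG = """\
2024-06-17T09:00:01Z ws-014 chrome.exe GET https://discord.com/channels/@me
2024-06-17T09:02:11Z ws-022 python.exe POST https://discord.com/api/webhooks/111111111111111111/EXAMPLE-token_A
2024-06-17T09:02:41Z ws-022 python.exe POST https://discord.com/api/webhooks/111111111111111111/EXAMPLE-token_A
2024-06-17T09:05:00Z ws-031 svchost_upd.exe POST https://discordapp.com/api/v10/webhooks/222222222222222222/EXAMPLE-token_B
2024-06-17T09:06:30Z ws-014 discord.exe POST https://discord.com/api/webhooks/333333333333333333/EXAMPLE-token_C
2024-06-17T09:07:00Z ws-040 python.exe GET https://pypi.org/simple/requests/
malformed line
"""

def is_webhook_url(url):
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    # Accept the apex domains and their subdomains, but not look-alike suffixes.
    on_discord = any(host == d or host.endswith("." + d) for d in DISCORD_HOSTS)
    return on_discord and bool(WEBHOOK_PATH.match(parts.path))

def find_suspicious_webhook_posts(log_text):
    """Return {(host, process): {"count", "webhook_ids"}} for non-allowlisted webhook POSTs."""
    hits = defaultdict(lambda: {"count": 0, "webhook_ids": set()})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        _ts, host, process, method, url = fields
        if method != "POST" or not is_webhook_url(url):
            continue
        if process.lower() in ALLOWED_PROCESSES:
            continue
        entry = hits[(host, process)]
        entry["count"] += 1
        # Keep only the webhook ID; the token is a secret and stays out of findings.
        entry["webhook_ids"].add(urlsplit(url).path.split("/webhooks/")[1].split("/")[0])
    return dict(hits)

if __name__ == "__main__":
    for (host, proc), info in find_suspicious_webhook_posts(SAMPLE_LOG).items():
        print(host, proc, info["count"], sorted(info["webhook_ids"]))
```

The allowlist is the part to tune per environment: a Python interpreter or an unfamiliar binary posting repeatedly to a single webhook ID is the pattern worth triaging.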

First released on April 17, 2024, the current version of the program is 1.1.0. It is also available as a premium version, according to its developer, suggesting that it is marketed under the malware-as-a-service (MaaS) model.

The development comes amid the return of a cryptocurrency mining botnet known as Bondnet, which has been detected using the high-performance miner bots as C2 servers since 2023 by configuring a reverse proxy using a modified version of a legitimate tool called Fast Reverse Proxy (FRP).
