JanelaRAT: Repurposed BX RAT Variant Targeting LATAM FinTech

In June 2023, researchers at Zscaler ThreatLabz discovered a threat actor targeting FinTech users in the LATAM region. The JanelaRAT campaign involves several tactics, techniques, and procedures (TTPs), such as DLL side-loading, dynamic C2 infrastructure, and a multi-stage attack.

The final malware involved in this campaign is a heavily modified variant of BX RAT. Because of this, Zscaler researchers named the malware JanelaRAT.

Source: Zscaler