Cyber criminals are using a new JavaScript downloader to distribute eight different kinds of remote access Trojan (RAT) malware and information-stealing malware in order to gain backdoor control of infected Windows systems, as well as steal usernames, passwords and other sensitive data.
The downloader has been detailed by cybersecurity researchers at HP Wolf Security, who’ve called it RATDispenser.
The initial entry point for attacks is a phishing email that claims to contain a text file about a product order. Clicking the malicious file will run the process for installing RATDispenser malware. In order to avoid detection, the initial JavaScript download is obfuscated with the aid of long strings of code to help hide the malicious intent.
Read more…
Source: ZDNet