Researchers warn about password-stealing malware only 11% of antivirus can detect

Updated: Mar 29

A new JavaScript downloader has been discovered by HP Wolf Security. The malware, named RATDispenser, is being used to distribute eight different kinds of remote access Trojan (RAT) and information-stealing malware in order to gain backdoor control of infected Windows devices and to steal usernames, passwords and other sensitive data.

The malware is being delivered via phishing emails posing as a product order. Clicking the malicious file runs the process that installs the malware. Once installed, RATDispenser is used to distribute trojans, keyloggers and information stealers, all designed to steal sensitive data from the victim.

At the time the research was published, this malware was detected by only one in 10 available antivirus engines. "It's particularly concerning to see RATDispenser only being detected by about 11% of antivirus systems, resulting in this stealthy malware successfully deploying on victims' endpoints in most cases," said Patrick Schlapfer, malware analyst at HP.

"RATs and keyloggers pose a silent threat, helping attackers to gain backdoor access to infected computers and steal credentials from business accounts or even cryptocurrency wallets. From here, cyber criminals can siphon off sensitive data, escalate their access, and in some cases sell this access on to ransomware groups," he added.

Guard your keystrokes, including passwords, from stealth keyloggers that evade antivirus with EndpointLock Keystroke Encryption. To reduce the risk of being targeted in a phishing attack, scan your email with EndpointLock's Dark Web Scanner to see if your credentials have ever been stolen in a breach.

