New malicious code is able to ‘evade’ most anti-virus software

Cybersecurity experts at HP company (USA) have issued a warning saying that they have discovered a new malware called RATDispenser that is able to evade most anti-virus software.

Accordingly, a new JavaScript downloader distributed 8 different remote access (RAT) Trojans, keyloggers and information stealers and was able to bypass the malware. detection of most security tools.

New malicious code is able to ‘evade’ most anti-virus software

Cybersecurity researchers at HP note that, although people who download JavaScript often have lower detection rates than other downloaders, this particular malware is more dangerous because it uses a specifications to avoid detection.

“The anti-virus system only detected 11 percent of this malware, so they successfully infiltrated many victim workstations,” said Patrick Schlapfer, an analyst at HP.

Schlapfer adds that RATs and keyloggers help attackers gain “backdoors” access to infected computers. The actors then typically use access to help get credentials for user accounts and crypto wallets, and in some cases even gain access to ransomware operators. money (ransomware).

The researchers note that the infection chain begins with the user receiving an email containing malicious code in JavaScript. When it runs, JavaScript will write a VBScript file, which will download malware, before deleting itself.

Further research revealed that there were at least three different RATDispenser variants in the past three months for a total of 155 samples.

‚ÄúVariety of malware families, many of which can be purchased or downloaded for free from underground markets. The author of the RATDispenser malware may be operating as malware as a service,” the researchers added.

Phan Van Hoa(according to Techradar)

The notorious malware Emotet is back

The notorious malware Emotet is back

Recently, cybersecurity experts have issued a warning saying that the infamous Emotet botnet malware has shown signs of return and is capable of causing worse harm than ever.


Leave a Reply

Your email address will not be published. Required fields are marked *