NjRAT & H-Worm variant infections continue to rise
(Publication) Google search: [1]
| NjRAT & H-Worm variant infections continue to rise | |
|---|---|
| Botnet | NjRAT, H-Worm |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | TCP, HTTP |
| Date | 2015 / 2015-03-20 |
| Editor/Conference | Zscaler |
| Link | http://research.zscaler.com/2015/03/njrat-h-worm-variant-infections.html (Archive copy) |
| Author | |
| Type | Blogpost |
Abstract
“ njRAT Trojan also known as Bladabindi, is a Remote Access Tool (RAT) that was first seen in 2013 and has been extremely prevalent in the Middle Eastern region. njRAT was developed using Microsoft's .NET framework and like many other RATs, provides complete control of the infected system and delivers an array of features to the remote attacker. We have seen attackers leveraging popular gaming & software application cracks & keygens as the lure to infect end users.
There have been many variants of njRAT. H-Worm, also known as Houdini, is one of the most popular variants and was reportedly used in attacks against the international energy sector. In this blog we will provide a brief overview of njRAT and H-Worm as well as an analysis of the H-Worm activity we've seen over the past few months.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR1539,
editor = {Zscaler},
author = {},
title = {NjRAT & H-Worm variant infections continue to rise},
date = {20},
month = Mar,
year = {2015},
howpublished = {\url{http://research.zscaler.com/2015/03/njrat-h-worm-variant-infections.html}},
}