"njRAT" Uncovered

From Botnets.fr
Jump to: navigation, search

(Publication) Link to the old Wiki page : [1] / Google search: [2]

"njRAT" Uncovered
Botnet NjRAT
Malware
Botnet/malware group RAT
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-06-27
Editor/Conference Fidelis cybersecurity
Link http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-uncovered.html (Archive copy)
Author Fidelis
Type White paper

Abstract

In the past thirty days (30) an increase attack activity has been observed using the "njRAT" malware. This remote access trojan (RAT) has capabilities to log keystrokes, access the victim's camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim's desktop, perform process, file, and registry manipulations, and capabilities to let the attacker update, uninstall, restart, close, disconnect the RAT and rename its campaign ID. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread through USB drives.

Bibtex

 @misc{Fidelis2013BFR1863,
   editor = {Fidelis cybersecurity},
   author = {Fidelis},
   title = {"njRAT" Uncovered},
   date = {27},
   month = Jun,
   year = {2013},
   howpublished = {\url{http://www.threatgeek.com/2013/06/fidelis-threat-advisory-1009-njrat-uncovered.html}},
 }