New RATs emerge from leaked Njw0rm source code
Jump to navigation
Jump to search
(Publication) Google search: [1]
New RATs emerge from leaked Njw0rm source code | |
---|---|
Botnet | Njw0rm, kjw0rm, Sir DoOom |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2015 / 2015-01-22 |
Editor/Conference | Trend Labs |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/new-rats-emerge-from-leaked-njw0rm-source-code/ (Archive copy) |
Author | Michael Marcos |
Type | Blogpost |
Abstract
“ In the middle of my research on the remote access Trojan (RAT) known as “njrat” or “Njw0rm”, I stumbled upon dev-point.com, a site that disguises itself as a site for “IT enthusiasts” but actually hosts various downloaders, different types of spyware, and RATs. I explored the site and found that they host malware under the “Protection Devices” section in their website. Under this section was a forum written in Arabic, which may suggest that an Arabic-speaking country is behind it.
Bibtex
@misc{Marcos2015BFR389,
editor = {Trend Labs},
author = {Michael Marcos},
title = {New RATs emerge from leaked Njw0rm source code},
date = {22},
month = Jan,
year = {2015},
howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/new-rats-emerge-from-leaked-njw0rm-source-code/}},
}