14 DAY TRIAL // Researchers from Fidelis Security Systems warn of a surge in the number of attacks that leverage the remote access Trojan known as “njRAT.”
Cybercriminals are currently using njRAT in targeted attacks focused mainly at government, telecom and energy sectors from the Middle East. However, since the malicious tool is publicly available, experts believe it could be used at any time against other targets as well.
Fidelis says that the threat – which is distributed mainly via phishing attacks, drive-by downloads, and embedded in other applications – is capable of logging keystrokes, accessing the victim’s webcam, stealing credentials, and opening a reverse shell.
It’s also capable of allowing cybercriminals to view the victim’s desktop, upload and download files, and manipulate processes, files and registries.
Interestingly, experts say that the solutions of some major antivirus vendors are not capable of detecting all variants of the threat.
Additional technical information is available in Fidelis’ threat advisory.