Cyber security experts are issuing warnings about a new JavaScript downloader called RATDispenser that distributes eight different Remote Access Trojans (RATs), keyloggers and information stealers and that cannot be detected by the majority of security tools. RATs and keyloggers are used by hackers to gain backdoor access to infected computers to plunder user accounts and cryptocurrency wallets. The access data is even sold onto ransomware operators so they can get in on the act. There are at least three RATDispenser variants currently in circulation
The infection chain begins with an email being opened that contains a malicious obfuscated JavaScript that, when run, writes a VBScript file, which then downloads the malware payload before deleting itself.
Source: techradar pro
Join Informed Sauce’s ransomware awareness session on 2 December in London. Short talks from the Met Police’s Cyber Crime Unit, Commvault and Infinidat will be followed by a room-wide, moderated open forum discussion on how to combat the scourge of cyber crime and best protect your business.
For details and to sign up, visit the event microsite – https://informedsauce.com/events/infinidat/anatomy-of-a-ransomware-attack