Attack malware RAT was subjected to two cryptocurrency firms in Israel

0
61

Attack malware Cardinal RAT two Israeli companies involved in software development for the FINTECH industry and cryptocurrency, was found by the firm Unit 42, specialized in the field of cybersecurity.

The main problems in the cryptocurrency space have always been hacks and malware. Recently discovered research unit Unit 42, the malware is a Cardinal RAT, also known as Remote Access Trojan, which first came into sight in 2017.

In its report, the experts indicated that this family of malware went undetected for more than two years, and they came in a custom device using unique Carp Downloader Downloader. Since then, the company continued to monitor malware, and so discovered “a series of attacks using the updated version of Cardinal RAT”, created with the ability to “evade detection”.

A serious threat to traders

Were identified a series of attacks on companies from the sector of financial technology based in Israel. In the study of attacks has been discovered the connection between Cardinal RAT and another family of malware called EVILNUM created the JavaScript-based”.

Through this malware an attacker can gain access to personal information of the victim to take pictures of the screen to remove cookies from your browser, remove yourself from the device, execute commands to reset the password, upload new files and update settings.

Despite the fact that details about the two companies developing software for cryptoform were not disclosed, the consequences of this attack could be catastrophic. This may affect the basic operation of the platforms and storage of customer information on their device.

In Unit 42 noted that “malware get on computers via fake documents attached to spam messages that are sent to traders Forex and cryptocurrency traders”.

If you find a mistake on rucoin.net please highlight the text and press Ctrl+Enter.

Label: Cardinal RAT

LEAVE A REPLY

Please enter your comment!
Please enter your name here

twelve + eighteen =