Trend Micro Examines New Version of Existing Java RAT
Trend Micro recently found a new version of an existing Java Remote Access Trojan (RAT), which it has been examining. This variant, known as Universal Remote Control Multi-Platform (UNRECOM), has been identified as JAVA_OZNEB.B. Earlier, it was named Adwind.
Spam e-mails are currently being distributed to spread the RAT. The malicious program is usually disguised as receipts, catalogs or product lists. A recent spam campaign disseminating UNRECOM capitalizes on the goodwill attached to the American Express Bank.
All of the fraudulent e-mails impersonating the bank tell recipients that suspicious activity was noticed on their accounts, following which it was necessary to suspend those accounts.
The e-mails explain that, for the same reason, it was also necessary to lock the users' American Express payment card. The objective was to keep their accounts safe and to safeguard their private data. The bank is determined to ensure that end-users' online monetary dealings remain safe, state the e-mails.
Moreover, the e-mails continue, the users' statement, showing the irregular operations in bold, is attached to the message. They then ask recipients to complete an attached form with the required details, which is necessary for the bank to maintain a risk-free and secure environment for customers.
Of course, the attachment isn't any statement; rather, it's the RAT in question.
The moment the malware infects a PC, it carries out various tasks such as displaying messages, taking screenshots or installing more plug-ins, including one for mining Litecoin.
And because the RAT loads extra plug-ins, it is particularly high-risk malware, since it lets cyber-crooks tweak and update any task of their choice. The risk is even greater because the malware can work on more than one platform. Notably, there have been other Java RATs too that affected more than one platform.
It is highly significant that a plug-in to mine Litecoins is included, considering how much malware was recently observed targeting crypto-currencies. Litecoin is frequently regarded as a widely accepted Bitcoin alternative. Mining digital currencies depends on plentiful computing power; therefore owners of the infected devices are likely to encounter degraded performance.
» SPAMfighter News - 28-04-2014