The Malicious Threat Adwind RAT

A malicious software known as Adwind RAT executes a number of functions across various platforms. The Remote Access Trojan uses a single malware-as-a-service facility for proliferating. It apparently got used in attacks aimed at no less than 443,000 commercial and non-commercial organizations as well as individual consumers all over the globe.

When year 2015 ended, researchers' attention at Kaspersky Lab was drawn to a strange malicious program found in a personalized spear phishing assault vis-à-vis one Singaporean bank. The spear phishing e-mail carried one sinister JAR file attachment as it targeted at certain staff member of the bank. Having enhanced abilities, the malicious program inside the attachment would operate across many platforms. Moreover, no anti-virus product could detect it.

The malware, which attacked the bank, was RAT Adwind exuding features of a backdoor that could be bought online and because written wholly with the Java computer language, it boar the characteristic of cross-platform. Moreover, Adwind works on Android, Linux, OS X and Windows platforms having the ability to remotely control the desktop, collect and exfiltrate data, and so on. Dqindia posted this, February 16, 2016.

Among other abilities, the malware loads itself onto the said platforms of its own as well as establishes a communication with its remote CnC (command-and-control) infrastructure provided the infected end-user downloads the JAR document introduced through the e-mail attachment.

Director of Global Research and Analysis Team Vitaly Kamluk for APAC unit of Kaspersky Lab explains that in spite of several reports regarding various versions of the Adwind tool which security companies published during the past few years, it continues to be active, while any type of cyber-criminals have adapted it as their ware. The security company conducted research on the tool for drawing other security professionals' as well as law enforcements' attention so both may adopt the essential measures for disrupting it entirely.

In the meantime, Adwind operators keep beating the security researchers of Kaspersky Lab the first detector of the malware as well as law enforcement officials each time projecting one fresh name and with more advanced capabilities that make it truly hard for eradicating the malware.

» SPAMfighter News - 2/23/2016