All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 4, 2022. I’ve also included some comments on these stories.

Borat RAT, a new RAT that performs ransomware and DDoS attacks

Cyble researchers discovered a new remote access trojan (RAT) named Borat which enables operators to gain full access to and remote control of an infected system. Bad actors can now expand their nefarious capabilities by launching ransomware and DDoS attacks, Security Affairs reports.

DYLAN D’SILVA | Security Researcher at Tripwire

A new type of RAT (Remote Access Trojan) offers expanded capabilities to attackers, including ransomware and DDoS attacks. For those that are unfamiliar with the term RAT, it is a remote access tool that provides a 3rd party access to your computer, with almost complete control over the operating system.

Researchers have found that the new Borat RAT has a modular structure, providing a level of customization for the attacker to deploy specific functionality, including:

• Keylogger
• Ransomware
• DDoS
• Audio & Webcam Recording
• Remote Desktop
• Credential System

RATs and other types of malware are typically delivered through malicious links and attachments in emails, or through file downloads from unfamiliar and/or unknown websites.

Defensive Recommendations and Strategies

• Be aware and cognizant of all emails you receive. While most companies will have their junk mail and spam traps setup, it may not catch everything. If you receive an unexpected email from someone outside your company with links and/or attachments, be wary as you review, and do not click any links or attachments. If unsure, delete the email (also from your Deleted Items). If your company employs a way to report phishing and/or suspicious emails, report (Read more...)