A security researcher has warned that a remote access trojan called NJRat, seems to be returning from the dead.
The warning came from security specialist PhishMe, which found evidence that the malware is making a comeback.
The warning was made by PhishMe’s senior researcher Ronnie Tokazowski in a blog posting.
“NJRat is a remote-access Trojan that has been used for the last few years. We haven’t heard much about NJRat since April 2014, but some samples we’ve recently received show that this malware is making a comeback,” he blogged.
Tokazowski said that he had examined recent messages and the malware within, and discovered that the executable element had been compiled with .NET 4.0.
So what nastiness does NJRat contain? Well, once the malware runs, it copies itself onto the victim’s machine and begins to attempt connections with the outside world.
“The IP address appears to be part of VPN infrastructure,” he wrote. “Based off of the analysis from the Fidelis article, the VPN infrastructure and no-IP dynamic DNS matches up very well. VPN references also match up with one of the two NJRat Facebook pages…”
NJRat made headlines last year, as the malware was mostly used by hackers in the Middle East. It was used to attack governmental and civilian targets in the Middle East and North Africa. Symantec reportedly said at the time that njRAT was similar in capability to remote access tools (RATs) used to control botnets, but njRAT differed from other RAT malware due to its level of support and development by Arabic speakers.
It also apparently infected up to 20,000 machines at its height.
In August last year, a group calling itself the Syrian Malware Team (SMT) was spotted carrying out attacks using the sophisticated BlackWorm Remote Access Tool (RAT), with one of the members thought to be responsible for its creation.
What do you know about famous hackers? Take our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…