A security researcher has warned that a remote access trojan called NJRat, seems to be returning from the dead.
The warning came from security specialist PhishMe, which found evidence that the malware is making a comeback.
The warning was made by PhishMe’s senior researcher Ronnie Tokazowski in a blog posting.
“NJRat is a remote-access Trojan that has been used for the last few years. We haven’t heard much about NJRat since April 2014, but some samples we’ve recently received show that this malware is making a comeback,” he blogged.
Tokazowski said that he had examined recent messages and the malware within, and discovered that the executable element had been compiled with .NET 4.0.
So what nastiness does NJRat contain? Well, once the malware runs, it copies itself onto the victim’s machine and begins to attempt connections with the outside world.
“The IP address appears to be part of VPN infrastructure,” he wrote. “Based off of the analysis from the Fidelis article, the VPN infrastructure and no-IP dynamic DNS matches up very well. VPN references also match up with one of the two NJRat Facebook pages…”
NJRat made headlines last year, as the malware was mostly used by hackers in the Middle East. It was used to attack governmental and civilian targets in the Middle East and North Africa. Symantec reportedly said at the time that njRAT was similar in capability to remote access tools (RATs) used to control botnets, but njRAT differed from other RAT malware due to its level of support and development by Arabic speakers.
It also apparently infected up to 20,000 machines at its height.
In August last year, a group calling itself the Syrian Malware Team (SMT) was spotted carrying out attacks using the sophisticated BlackWorm Remote Access Tool (RAT), with one of the members thought to be responsible for its creation.
What do you know about famous hackers? Take our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…