Security News > 2020 > March > Hackers Hack Hacking Tools to Hack Hackers
Criminals targeting other criminals is nothing new, but researchers have now uncovered a years-long campaign that trojanizes hacking tools in order to infect other hackers with njRAT. Just as trojanized mobile apps can be downloaded from app stores and installed by trusting users, so trojanized hacking tools are downloaded and installed by trusting hackers.
The njRAT infection route in the campaign appears to be via cracked and trojanized hacking tools.
"So far," says Serper, "We have found samples that are either pretending to be various hacking tools or pretending to be installers of the Chrome Internet browser. There are around 700 samples associated with the *.capeturk.com subdomain, and there are more samples added to various threat intelligence resources on a daily basis."
The payload from the trojanized hacking tools is njRAT, a remote access trojan first observed in 2012 and known to be used by threat actors in the Middle East.
"While all of the samples associated with blog.capeturk.com are targeting various penetration testing and hacking tools, other subdomains are targeting Chrome installers, native Windows applications, and other random programs that have nothing to do with hacking or penetration testing," notes Serper.
News URL
http://feedproxy.google.com/~r/Securityweek/~3/OY--4Myk_Mw/hackers-hack-hacking-tools-hack-hackers