RATicate malware gang goes commercial

2020-07-14 13:10

Two months ago, we wrote about a malware gang that we dubbed RATicate.

The name RAT was originally coined as a metaphor that referred as much to the criminals that deployed the malware as to the malware itself.

Almost every zombie out there supports, in addition to any built-in features such as file stealing, screen capturing and webcam snooping, a generic command by which it can update and replace itself with completely new malware, or download and install new malware to run alongside itself.

SophosLabs has been tracking the RATicate crew since its last report, and has just published a follow-up article detailing new findings about the way the gang operates.

Two months ago, we described how RATIcate's malware delivery tool of choice was the NSIS installer, a legitimate and widely-used toolkit for packaging applications into single-file bundles that can be double-clicked to install.

News URL

https://nakedsecurity.sophos.com/2020/07/14/raticate-malware-gang-goes-commercial/

#malware