Security News > 2021 > March > US taxpayers targeted with RAT malware in ongoing phishing attacks
![US taxpayers targeted with RAT malware in ongoing phishing attacks](/static/build/img/news/alt/data-statistics-medium.jpg)
US taxpayers are being targeted by phishing attacks attempting to take over their computers using malware and steal sensitive personal and financial information.
"The potential for damage is serious and the malware allows threat actors to gain full control over a victim's machine and steal sensitive information from users or their employers."
This ongoing phishing campaign will have more time to infect taxpayers with malware since the Treasury Department and the Internal Revenue Service announced Wednesday that the federal income tax filing due date for individuals would be extended by an additional 30 days to May 17 2021.
The malicious documents also evade traditional anti-malware virus and heuristic detections by abusing the imgur service to host the malware payloads, making it even harder to detect and block their attacks.
RAT malware used to takeover taxpayers' devices.
Both RAT strains have been spotted in attacks coordinated by state-sponsored hacking groups and financially motivated threat actors.
News URL
Related news
- More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack (source)
- Andariel Hackers Target South Korean Institutes with New Dora RAT Malware (source)
- DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks (source)
- Ratel RAT targets outdated Android phones in ransomware attacks (source)
- Rafel RAT targets outdated Android phones in ransomware attacks (source)
- US offers $10 million for information on indicted WhisperGate malware suspect (source)
- FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks (source)