Security News > 2022 > April > No-Joke Borat RAT Propagates Ransomware, DDoS

No-Joke Borat RAT Propagates Ransomware, DDoS
2022-04-05 13:30

Attackers are using a newly released remote access trojan to spread ransomware and distributed denial of service - in addition to the traditional RAT function of backdooring victims' systems.

Researchers at Cyble Research Labs discovered the RAT, which they dubbed Borat RAT because it uses a photo of Sacha Baron Cohen, the comedian who created and portrayed the fictional character Borat in a popular series of mockumentary films.

"The Borat RAT is a potent and unique combination of remote-access trojan, spyware and ransomware, making it a triple threat to any machine compromised by it," according to the post.

Attack Launchpad. As described by Cyble Research Labs, the RAT acts like a framework from which threat actors can launch their cybercriminal activities, providing a dashboard to perform typical RAT activities as well as an option to compile the malware binary for performing DDoS and ransomware attacks on the victim's machine.

"Interestingly, the RAT has an option to deliver a ransomware payload to the victim's machine for encrypting users' files as well as for demanding a ransom," researchers said.

Cyble researchers analyzed a number of modules of the Borat RAT and found that its functionality is varied.


News URL

https://threatpost.com/borat-rat-ransomware-ddos/179233/