Security News > 2022 > May > New stealthy Nerbian RAT malware spotted in ongoing attacks
A new remote access trojan called Nerbian RAT has been discovered that includes a rich set of features, including the ability to evade detection and analysis by researchers.
The email campaigns were discovered by researchers at Proofpoint, who released a report today on the new Nerbian RAT malware.
Impersonating the WHO. The malware campaign distributing Nerbian RAT impersonates the World Health Organization, which is allegedly sending COVID-19 information to the targets.
UpdateUAV reuses code from various GitHub projects to incorporate a rich set of anti-analysis and detection-evasion mechanisms before Nerbian RAT is deployed.
All these checks make it practically impossible to get the RAT running in a sandboxed, virtualized environment, ensuring long-term stealthiness for the malware operators.
Without a doubt, Proofpoint has spotted an interesting, complex new malware that focuses on stealthiness through numerous checks, encrypted communications, and code obfuscation.
News URL
Related news
- Andariel Hackers Target South Korean Institutes with New Dora RAT Malware (source)
- DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks (source)
- Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine (source)
- More_eggs Malware Disguised as Resumes Targets Recruiters in Phishing Attack (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks (source)
- Ratel RAT targets outdated Android phones in ransomware attacks (source)
- Rafel RAT targets outdated Android phones in ransomware attacks (source)
- FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks (source)
- Hackers attack HFS servers to drop malware and Monero miners (source)