Security News > 2023 > March > RAT developer arrested for infecting 10,000 PCs with malware
Ukraine's cyberpolice has arrested the developer of a remote access trojan malware that infected over 10,000 computers while posing as game applications.
"The man developed viral software, which he positioned as applications for computer games."
At the time of the attacker's arrest, he had real-time access to 600 infected computers, from where he could download files, steal credentials, drop additional payloads, install or delete programs, snap screenshots, and intercept sound or video from the computer's microphone and cameras.
The police provided no details about how the hacker distributed the malware other than as game applications.
Previous malware distribution campaigns for similar infections were done through YouTube videos promoting game mods and cheats, Google Ads, malvertizing, social media marketing campaigns, direct messages, and emails.
During the raid at the suspect's house, the police found and confiscated equipment the malware operator used for carrying out the malicious acts.
News URL
Related news
- N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware (source)
- New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT (source)
- BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)