Cybercrime, GIMP latest bait to carry redline stealer and SectopRAT

Technical analysis by the Malware Hunter JAMESWT

GIMP is the latest cybercrime bait used to deliver RedLine Stealer and SectopRAT. The loader not only downloads the installer of the legitimate software but also the two malware families, including the RAT, which gives the attackers control of the infected PC.

GIMP, the popular image manipulation tool, is being used by cybercriminals as bait to deliver RedLine Stealer and, probably, SectopRAT. The bait is a loader program. It downloads the installer of the legitimate software; in parallel, however, it silently downloads a RedLine Stealer sample and a second malware that, according to Intezer's detection, is SectopRAT. As a result, the victim does not realise they have been infected, because GIMP really has been downloaded and installed. The Remote Access Trojan is particularly insidious because it grants remote attackers full access to, and control of, the infected machine.


