US cybersecurity experts: They exploit fictitious identities and pretend to be elsewhere. They are mainly proposed for remote jobs and involving cryptocurrencies.
Technical analysis by the Malware Hunter JAMESWT
New NjRAT banking-themed campaign. The email rar attachment contains a bat. This, when run, auto-converts to exe – the malware itself. ISIS also fell victim to the malicious code
NjRAT V2.0 hides in a fake email on request for confirmation of bank details.
The rar attachment contains a bat file that, when executed, converts itself into an exe: the malware itself.
This, if opened, activates the chain of infection. NjRAT, aka Bladabindi, is a Remote Access Tool (RAT), which allows you to take control of the victim’s computer. Features include manipulating files and the registry, opening a remote shell and stealing passwords saved in browsers and other applications. Among the victims of the malware there are also ISIS jihadists. In 2017 someone will hack an Islamic State site in 2017, making its users download NjRAT disguised as an Adobe Flash Player update.