There’s a new Remote Access Trojan (RAT) making the rounds and it’s named after Borat, everyone’s FAVORITE Kazakh journalist.*
First discovered by Cyble, an Atlanta-based cyber risk intelligence company, Borat goes above and beyond the traditional RAT. Not only does it help threat actors gain access to network resources and files, but it also allows provides the following features:
- Launch Distributed-Denial-of-Service (DDoS) attacks directly from its dashboard
- Deliver ransomware payloads from its dashboard
- A reverse proxy to protect its user
- The ability to steal user credentials directly from the browser
- Inject malicious code into legitimate processes
Not as serious a threat, but Borat can also do annoying things like:
- Switch off an infected user’s monitor
- Hide the start button or taskbar on a desktop
- Play unwanted audio
- Switch the end-point’s webcam on and off
- Turn on the end-point’s microphone and record audio
If we learn anything more we’ll pass it on to you.
*I’m well aware Borat is a character played by British comedian Sasha Baron Cohen. Don’t leave us any hate in the comments section.