Remote access Trojans (RATs) are used in more than half of attacks against Russian companies in 2024. In 29% of cases, attackers use thieves to steal sensitive information, and 16% of attacks use malware downloaders. socialbites.ca learned this from a study conducted by the Bi.Zone company, a copy of which was made available to editors.
Thieves allow cybercriminals to obtain information about devices intercepting data, including operating system version and hardware information, as well as logins and passwords from crypto wallets, email clients, browsers, and other applications. The resulting authentication material can be used for more sophisticated targeted attacks against compromised organizations.
The most popular stealers include FormBook (29%), SnakeLogger (23%), Rhadamantys (17%), PureLogs Stealer (11%), and MetaStealer, which is used in almost 10% of attacks. The latter is an analogue of the popular RedLine thief, but there are no restrictions on use against companies from Russia and other CIS countries.
The fact that MetaStealer developers do not have a ban on use against Russian organizations is a significant advantage for attackers. The Venture Wolf group, which targets industry, construction, IT, telecom and other sectors, is actively using MetaStealer to attack Russian companies. To deliver the thief, hackers send phishing emails with archives containing a downloader with a .com extension (less commonly .exe); This downloader, when launched, installs the thief on the victim’s device.
For distracting documentation, Venture Wolf often uses organization cards containing companies’ details and addresses. This makes the phishing email more trustworthy and instills trust in the user. It is important to note that trademark owners are not responsible for the actions of cybercriminals and any resulting damages.
Previously appearedHe said hackers can hack almost any computer through an Nvidia graphics card.
What are you thinking?
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.