GoRat Spreading to Financial Institutions and Gov. Employees
Posted by: Timothy Weaver on 09/10/2016 08:02 AM
[
Comments
]
GoRat is targeting government employees and is bypassing AV software. It does this by using stolen certificates.
“If you’re downloading something from a particular resource, the hackers can intercept the download and replace it with malware,” said InfoArmor CIO Andrew Komarov on Friday.
InfoArmor said that last year, GoRat had infected more than 15 governments, in addition to seven financial institutions and over 100 corporations. It is expected to spread since it has been found being sold on the Dark Web. In addition, a database is available that includes 33,000 Internet accounts, some of which belong to U.S. government employees. The database includes email addresses, hashed passwords, full names, and addresses.
The infection method is thought to be done through spear phishing or drive-by-downloads. It is still unclear as to who developed the malware, but Komarov suspects it is going to be used for long-term cyber espionage operations.
Source: Network World
“If you’re downloading something from a particular resource, the hackers can intercept the download and replace it with malware,” said InfoArmor CIO Andrew Komarov on Friday.
InfoArmor said that last year, GoRat had infected more than 15 governments, in addition to seven financial institutions and over 100 corporations. It is expected to spread since it has been found being sold on the Dark Web. In addition, a database is available that includes 33,000 Internet accounts, some of which belong to U.S. government employees. The database includes email addresses, hashed passwords, full names, and addresses.
The infection method is thought to be done through spear phishing or drive-by-downloads. It is still unclear as to who developed the malware, but Komarov suspects it is going to be used for long-term cyber espionage operations.
Source: Network World
Comments
