Adwind RAT is Back, Infected 1500 Organizations Worldwide

 

 

The Adwind RAT (Remote Access Tool) is not a new name in the IT industry. It is the same RAT that was hijacking victims' computers in July 2016, when 4.5 lakh users were targeted. The hackers spread it through various types of spam email. The RAT is written in Java, and its code is undetectable by antivirus tools. Adwind is also known by many other names, such as AlienSpy, Unrecom, jRat, Frutas, KillerRat and Sockrat. The IT security company Kaspersky Lab has released a report warning the industry that hackers are running a massive Adwind RAT campaign. More than 1500 organizations in 100 countries are victims of this campaign.

The Most Affected Industries

  • Legal Services and Insurance (5%)
  • Construction and Architecture (9.5%)
  • Consulting (5%)
  • Shipping and Logistics (5.5%)
  • Retail (20.1%)

 

The Most Affected Countries

  • United Kingdom
  • Lebanon
  • Mexico
  • Malaysia
  • Germany
  • Russia
  • UAE (United Arab Emirates)
  • Turkey
  • Kazakhstan
  • Hong Kong

The countries listed above account for 40% of the victims of this latest Adwind RAT campaign.

How Does Adwind RAT Work?

This hard-coded malware is in fact a backdoor. Once the victim installs it on the system, Adwind RAT can hide from antivirus tools. It generates a botnet in the program files of the system, which the hackers control through command-and-control servers. It generally arrives in a .ZIP file. Adwind RAT can hijack all types of OS, including Windows, Linux and Mac OS X. The hackers can perform malicious operations on the hijacked system, take complete control of it and steal all of the victim's sensitive data. Most worrying of all, this RAT is available on forums as a paid service: anyone can buy it to perform malicious activities against particular targets.

How Are Hackers Targeting Victims?

According to Kaspersky Lab, the hackers are sending spam emails on behalf of HSBC bank. They try to appear legitimate by sending “Payment Advising Service” emails. Attached to the email is a file that is actually Adwind RAT. When the user clicks on that attachment, the .exe file of Adwind RAT gets executed and installs itself in the program files of the system. The hackers are using the “mail.hsbcnet.hsbc.com” domain to send these emails.

This is just one example; the hackers could also send other types of email tailored to the interests of the victim. Social engineering matters a lot in this type of attack. Suppose you have an account on Facebook and your email address is visible to everyone. The hacker could visit your profile and see which pages and groups you have joined. If you are an online shopper, the hacker could send you a spam email that looks like a discount coupon.

Some Security Tips

  • Avoid emails from unknown senders, especially those that contain an attachment with a “.jar” extension.
  • Read the complete email before clicking on the attachment. Hackers do not care about typos. If you notice multiple typos, it could be a malicious email.
  • Don’t share all your personal information on social media. Hackers could target you by observing your interests.
  • Be cyber aware and read our blogs to learn about such campaigns.
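
The first tip can also be enforced automatically at the mail gateway. The Python code below is an added example, not code from this article or from Kaspersky Lab: it flags attachments that have a “.jar” extension, that carry a .jar inside a ZIP (the delivery format mentioned above), or that are JAR content saved under another name. All function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def inspect_attachment(filename, data):
    """Return the reasons an attachment looks like a Java archive."""
    reasons = ["jar extension"] if filename.lower().endswith(".jar") else []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return reasons  # not a ZIP, or corrupt: nothing more to inspect
    # A JAR is a ZIP with a manifest, so this also catches renamed files.
    if any(n.upper() == "META-INF/MANIFEST.MF" for n in names):
        reasons.append("jar content (manifest present)")
    return reasons + [f"contains {n}" for n in names if n.lower().endswith(".jar")]

def scan_message(raw):
    """Map attachment filename -> reasons, for flagged attachments only."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        reasons = inspect_attachment(name, part.get_payload(decode=True) or b"")
        if reasons:
            findings[name] = reasons
    return findings

def _zip(entries):
    """Build an in-memory ZIP from {name: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in entries.items():
            zf.writestr(name, body)
    return buf.getvalue()

def build_sample():
    """Constructed test message; attachments hold placeholder bytes only."""
    jar = _zip({"META-INF/MANIFEST.MF": "Manifest-Version: 1.0\n"})
    msg = EmailMessage()
    msg.set_content("See attachment.")
    for name, data in (("advice.zip", _zip({"advice.jar": jar})),
                       ("statement.pdf", jar), ("note.txt", b"hello")):
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

Flagged messages can be quarantined for review rather than delivered; the content check matters because a file extension alone is trivial to change.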

 
