A new version of a powerful trojan malware is available on the dark web for free and a cybersecurity company warns that this might lead to a rise in attacks targeting passwords, bank details and other personal information, even by tricksters with limited technical skills.
NanoCore RAT (Remote Access Trojan) first appeared in 2013 and continues to cause trouble for victims. It was possible to purchase this malware at a small cost of $25, but various versions of the software have also been leaked online throughout its development. Now another new dangerous variant with additional capabilities is being shared for free on a dark web forum.
This was exposed by security researchers at LMNTRIX Labs. NanoCore v1.2.2 provides users a variety of attacks against Windows systems that includes the ability to steal passwords, perform keylogging and secretly record audio and video footage using the webcam.
While secretly using the webcam, NanoCore disables the light that blinks while recording, so that it doesn’t gets detected.
Some other capabilities include the ability to remotely shutdown or restart the machine, remotely control the mouse, open web pages etc. This malware enables an attacker to use any system as if it was their own and exploit it for any criminal activities.
Similar to other hacking campaigns, NanoCore is mainly distributed with email phishing attacks. According to the researchers most of the current campaigns that distributes the malware are designed like invoices or purchase orders with attachment names that persuades the victims into clicking.
NanoCore has a user-friendly interface to help manage the activity thus making it easier for low-level attackers to conduct attacks.
Arannya Mukerjee, senior threat researcher at LMNTRIX Labs said that nowadays the malware authors make easy-to-use interfaces as it helps them to easily write and update code and also to use the RAT more efficiently. This interface also lowers the barrier to entry for any hackers making it easier even for amateurs to launch an attack.
Whenever an exploit kit or RAT kit is available for free, it leads to several campaigns using the malware. It is expected to see more versions of the NanoCore RAT in the future. The best ways to ensure you don’t fall victim to campaigns is to ensure your operating systems and applications are patched and up to date.