The Bandook malware family, which was thought to be extinct, is back and may be part of a larger operation intended to sell offensive hacking tools to governments and cybercriminal groups to attack them.
Several recent research papers have been released by Check Point Research, which indicate that Bandook is regaining popularity across a wide range of targeted sectors and locations despite being a 13-year-old bank, Trojan.
It has been observed that dozens of variants of the malware have been used in attacks in the United States, Singapore, Cyprus, Chile, Italy, Turkey, Switzerland, Indonesia and Germany over the past year in attacks against organizations. Government, finance, energy, food, healthcare, education, IT, and legal are some of the sectors targeted by the software.
In 2007, Bandook malware was discovered as a remote access trojan (RAT) that has been active for several years. It has been reported that Bandook malware has evolved into a new variant that injects its payload into msinfo32.exe to distribute the malware and allow remote attackers to take control of the system if it is infected.
As a result, this remote access trojan poses a significant threat to users privacy, as it is capable of performing various tasks allowing cybercriminals to gather various types of personal data.
Therefore, my recommendation would be to avoid installing it if people are gami
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: