Printer Friendly

Java RAT attacking users in UAE and UK.

Symantec is warning of a Java attack that appears to be mainly targeting users in the UAE and UK.

The Java remote access Trojan (JRAT) is being sent to users

in a spam campaign, as an attachment to an email that claims the Trojan is a payment


If the attachment is opened, the JRAT will infect the

computer, potentially giving attacks full control over the infected device.

The security company said that while this particular JRAT is

nto new, it appears to have been customised for the campaign, and the attacks

appear to be targeting specific individuals.

The JRAT seems to be aimed at individuals, Symantec said,

due to the low number of victims, a unique dropper, one command-and-control

(C&C) server and the fact that the majority of these spam messages were sent

to personal email addresses.

The malicious email attachment, which has the file name

Paymentcert.jar, is detected as Trojan.Maljava. If the Trojan is executed, it

will drop JRAT, detected as Backdoor.Jeetrat, on the compromised computer. The

RAT not only affects Windows PCs, but also Linux, Mac OSX, FreeBSD, OpenBSD,

and Solaris computers. This RAT is not new, as we have seen it in previous

targeted attacks. JRAT's builder, as seen in the following image, shows just

how easy it is for an attacker to create their own customized RAT.

Symantec is advising users not to open attachments on unsolicited

or suspicious emails.

ACN is still looking for your input to our 2014 Security Behaviour Survey . Click the link to complete the survey and enter the draw to win an iPad Air.

2014 ITP Business Publishing Ltd. All Rights Reserved. Provided by , an company
COPYRIGHT 2014 Al Bawaba (Middle East) Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2014 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Date:Mar 4, 2014
Previous Article:Saudi cloud spending on the up.
Next Article:Readers\ Choice Awards voting now open.

Terms of use | Privacy policy | Copyright © 2020 Farlex, Inc. | Feedback | For webmasters