Experts have discovered a remote access tool (RAT) that has infected 24,000 computers worldwide, and has been used by up to 487 criminal groups.
Dubbed njRAT, the malware shares similar functions as other RATs, but its most unique attribute stems from its regional usage, according to a blog post by researchers at Symantec.
Developed by Arabic speakers, the RAT – which can download additional malware, log keystrokes, compromise webcams, and can control botnets – is primarily used by attackers in the Middle East and spreads via “infected USB keys or networked drives.” Close to 80 percent of the command and control servers tied to the malware are located in Middle East regions.
While a majority of the usage is geared toward typical cyber criminal motives, experts at Symantec have observed the malware infecting the networks of governments and political activists.
