Adwind Remote Access Trojan Hits Utilities Sector

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Forum Veteran
Aug 17, 2014
12,740
123,893
8,399
Content source
https://www.bleepingcomputer.com/news/security/adwind-remote-access-trojan-hits-utilities-sector/
Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads.

Adwind (also known as jRAT, AlienSpy, JSocket, and Sockrat) is distributed by its developers to threat actors under a malware-as-a-service (MaaS) model and it is capable of evading detection by most major anti-malware solutions.

While the Adwind Trojan manages to avoid detection by some anti-malware solutions, sandbox- and behavior-based antivirus software should be capable of detecting and block it successfully.

This allows its operators to successfully compromise their targets' computers without raising suspicion, and perform a wide range of malicious tasks from stealing sensitive info like VPN certificates and credentials from Chrome, IE, and Edge to collecting and exfiltrating the victims' keystrokes.
Click to expand...
Read more below:
www.bleepingcomputer.com

Adwind Remote Access Trojan Hits Utilities Sector

Attackers are targeting entities from the utility industry with the Adwind Remote Access Trojan (RAT) malware via a malspam campaign that uses URL redirection to malicious payloads.
www.bleepingcomputer.com www.bleepingcomputer.com
cofense.com

New Phishing Campaign Bypasses Microsoft ATP | Cofense

The Cofense  Phishing Defense CenterTM has observed a new phishing campaign that spoofs a PDF attachment to deliver the notorious Adwind malware. This
cofense.com cofense.com
 
  • Wow
  • Like
Reactions: Gandalf_The_Grey, harlan4096, g4nu5 and 1 other person
You must log in or register to reply here.

You may also like...