- Feb 25, 2017
- 2,498
A massive malware campaign pushed the Java-based STRRAT remote access trojan (RAT), known for its data theft capabilities and the ability to fake ransomware attacks.
In a series of tweets, the Microsoft Security Intelligence team outlined how this "massive email campaign" spread the fake ransomware payloads using compromised email accounts.
The spam emails lured the recipients into opening what looked like PDF attachments but instead were images that downloaded the RAT malware when clicked.
"The emails contained an image that posed as a PDF attachment but, when opened, connected to a malicious domain to download the STRRAT malware," Microsoft said.
"This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them."
Microsoft: Massive malware campaign delivers fake ransomware
A massive malware campaign pushed the Java-based STRRAT remote access trojan (RAT), known for its data theft capabilities and the ability to fake ransomware attacks.
www.bleepingcomputer.com
I think @struppigel can tell you guys more about this.