Malware Alert New Kedi RAT Uses Gmail to Exfiltrate Data

Discussion in 'Security News' started by silversurfer, Sep 13, 2017.

  1. silversurfer

    silversurfer Level 40
    Content Creator Trusted AV Tester

    Aug 17, 2014
    Windows 10
    Kedi RAT Pretends to be a Citrix Utility, Transfers Data Using Gmail

    A newly discovered remote access Trojan (RAT) capable of evading security scanners communicates with its command and control (C&C) server via Gmail, Sophos has discovered.

    Dubbed Kedi, the RAT was designed to steal data and is being spread via spear-phishing emails, the security researchers say. The observed attacks appear targeted with the malicious payload masquerading as a Citrix utility.

    shmu26, ispx, harlan4096 and 2 others like this.