silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,178
A newly discovered remote access Trojan (RAT) dubbed Parasite HTTP includes a broad range of protections, including sandbox detection, anti-debugging, anti-emulation, and more, Proofpoint reports.
Dubbed Parasite HTTP, the malware is being advertised on an underground forum and has already been used in an infection campaign. Courtesy of a modular architecture, the malware’s capabilities can be expanded with the addition of new modules after infecting a system.
The threat was recently used in a small email campaign targeting recipients primarily in the information technology, healthcare, and retail industries. The emails contained Microsoft Word attachments with malicious macros designed to download the RAT from a remote site.