The Times Australia
The Times Technology News

.
The Times Real Estate

.

New RAT Variants Running Rampant, Threat Report Reveals

  • Written by AVAST

Avast (LSE:AVST), a global leader in digital security and privacy, today released its Q3/2021 Threat Report. In the third quarter of the year, the Avast Threat Labs have seen an increased risk of businesses and consumers being attacked by ransomware and remote access trojans (RATs). RATs can be used for industry espionage, credentials theft, stalking, and even distributed denial of service (DDoS) attacks. The threat researchers also observed innovation in the ever-evolving cybercrime space, with new mechanisms used by exploit kits, and by the mobile banking Trojan Flubot.

Ransomware and RATs putting businesses at risk

In the beginning of Q3 2021, the world witnessed a massive supply chain attack on IT management software provider Kaseya and its customers, with Sodinokibi/REvil ransomware. The Avast Threat Labs noticed and blocked this attack on more than 2.4k endpoints. Following the involvement of politics, the ransomware operators released the decryption key, and Sodinokibi’s infrastructure went down, with no new variants seen in the wild until September 9th, when Avast detected and blocked a new variant. Overall, in Q3, the Avast Threat Labs saw the risk ratio of ransomware attacks go up by 5% vs. Q2, and even up by 22% vs. Q1 2021.

RATs were also a dangerous threat for businesses and consumers, which spread further in Q3 than in the previous quarters. Avast spotted three new RAT variants, including FatalRAT with anti-VM capabilities, VBA RAT, which exploits the Internet Explorer vulnerability CVE-2021-26411, and a new version of Reverse RAT with build number 2.0 which added web camera photo taking, file stealing and anti-AV capabilities. “RATs can be a fundamental threat for businesses, as they can be used for industry espionage,” said Jakub Kroustek, Avast Malware Research Director. “However, RATs can also be used against consumers, for example to steal their credentials, to add their computers to a botnet to drive DDoS attacks, and unfortunately, for cyberstalking, which can do massive harm to an individual’s privacy and wellbeing.”

Growing distribution of rootkits, and innovation in exploit kits and mobile banking trojans
The Avast Threat Labs also recorded a significant increase in rootkit activity at the end of Q3, which was one of the most significant increases in activity in the quarter. A rootkit is malicious software designed to give unauthorised access to cybercriminals, with the highest system privileges. Rootkits commonly provide services to other malware in the user mode.

Another malware category that appears to be returning are Exploit Kits, with notable new innovations occurring, including the targeting of Google Chrome vulnerabilities. The most active exploit kit was PurpleFox, against which Avast protected over 6,000 users per day on average. Rig and Magnitude were also prevalent throughout the whole quarter. The Underminer exploit kit woke up after a long period of inactivity and started sporadically serving HiddenBee and Amadey. Some exploit kits, especially PurpleFox and Magnitude, are under heavy development, regularly receiving new features and exploitation capabilities.

The Avast Threat Labs also monitored new tactics on the mobile front, with FluBot, an Android SMS banking threat, changing its social engineering approach. Jakub Kroustek said, “Flubot first spread posing as delivery services to lure the victims into downloading a “tracking app” for a parcel they recently missed or should be expecting. In Q3, Avast has seen novel scenarios in spreading this malware. One example is posing as voicemail recorders. Another is fake claims of leaked personal photos. The most extreme of these variants would even lure the victim to a fake page that would claim the victim has already been infected by FluBot when they probably weren’t yet and trick them into installing a “cure” for the “infection”. This “cure” would in fact be the FluBot malware itself.

Flubot continued to expand from where initially it was targeting Europe in Q2 - Spain, Italy, Germany, to later spread throughout the rest of Europe and other countries like Australia and New Zealand.

For more detailed information visit the full report: https://decoded.avast.io/threatresearch/avast-q321-threat-report/

The Times Features

Brisbane Water Bill Savings: Practical Tips to Reduce Costs

Brisbane residents have been feeling the pinch as water costs continue to climb. With increasing prices, it's no wonder many households are searching for ways to ease the burde...

Exploring Hybrid Heating Systems for Modern Homes

Consequently, energy efficiency as well as sustainability are two major considerations prevalent in the current market for homeowners and businesses alike. Hence, integrated heat...

Are Dental Implants Right for You? Here’s What to Think About

Dental implants are now among the top solutions for those seeking to replace and improve their teeth. But are dental implants suitable for you? Here you will find out more about ...

Sunglasses don’t just look good – they’re good for you too. Here’s how to choose the right pair

Australians are exposed to some of the highest levels[1] of solar ultraviolet (UV) radiation in the world. While we tend to focus on avoiding UV damage to our skin, it’s impor...

How to Style the Pantone Color of the Year 2025 - Mocha Mousse

The Pantone Color of the Year never fails to set the tone for the coming year's design, fashion, and lifestyle trends. For 2025, Pantone has unveiled “Mocha Mousse,” a rich a...

How the Aussie summer has a profound effect on 'Climate Cravings’

Weather whiplash describes the rollercoaster-like shifts in weather we’ve experienced this summer —a blazing hot day one moment, followed by an unexpectedly chilly or rainy tur...

Times Magazine

The Vital Role of Digital Marketing in Business Growth

Digital marketing has transformed the way businesses reach and engage with their customers. With the rapid advancement of technology and the widespread use of the internet, businesses can no longer rely solely on traditional marketing methods. This...

Dog Yog Launches Delicious New Range of Snoopy Products

Melbourne-based company Dog Yog is making doggy dreams come true everywhere with their new, delicious collaboration with Peanuts™ featuring the world’s most famous beagle, Snoopy. The new, tasty range includes a dog-friendly ice cream, available...

Power Racks are the Ultimate Tool for Building Muscle and Strength

Power racks are an essential piece of equipment for anyone who wants to take their weightlifting and strength training to the next level. These racks offer several benefits that can help you reach your fitness goals more effectively and safely. In ...

Take The Plunge, Elevate Your Personal Health: P3 Recovery Opens In Port Melbourne

World leaders in wet and dry therapy make wellbeing even more accessible for Melbournians  Ice baths, infrared saunas, IV therapy, breathwork. Just some of the latest wellness therapies that happen to be housed inside P3 Recovery centres emergin...

Utilize Rip Rap Seawall for Shoreline Protection

A Rip Rap seawall is a type of coastal engineering structure that protects shorelines from wave erosion, which is composed of large stones or boulders placed in an interlocking pattern along the shoreline. The design of the seawall is to absorb and d...

Try these second most famous spirits

When it comes to renowned spirits from around the world, certain names immediately spring to mind. Tequila from Mexico, scotch from Scotland, sake from Japan and schnapps from Germany are among the most well-known.  However, beyond these interna...

LayBy Shopping