Research by: Amit Serper
Introduction
Cybereason Nocturnus is investigating a campaign where attackers are trojanizing multiple hacking tools with njRat, a well known RAT. The campaign ultimately gives attackers total access to the target machine. The threat actors behind this campaign are posting malware embedded inside various hacking tools and cracks for those tools on several websites. Once the files are downloaded and opened, the attackers are able to completely take over the victim’s machine. In this write-up we present our analysis of the TTPs of the attackers and the indicators of compromise. In the investigation of this campaign, we have found hundreds of trojanized files and a lot of information about the threat actors infrastructure.
Article Link: https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves