24,000 computers worldwide infected by Middle Eastern malware

Share this article:

Experts have discovered a remote access tool (RAT) that has infected 24,000 computers worldwide, and has been used by up to 487 criminal groups.

Dubbed njRAT, the malware shares similar functions as other RATs, but its most unique attribute stems from its regional usage, according to a blog post by researchers at Symantec.

Developed by Arabic speakers, the RAT – which can download additional malware, log keystrokes, compromise webcams, and can control botnets – is primarily used by attackers in the Middle East and spreads via “infected USB keys or networked drives.” Close to 80 percent of the command and control servers tied to the malware are located in Middle East regions.

While a majority of the usage is geared toward typical cyber criminal motives, experts at Symantec have observed the malware infecting the networks of governments and political activists.

Share this article:

Sign up to our newsletters

More in News

Metro.us site compromised, serves malicious code

Researchers at Websense say visitors to Metro.us are sent to websites hosting the Rig Exploit Kit, used in the past to distribute CryptoWall.

DDoS attacks remain up, stronger in Q2, report says

DDoS attacks remain up, stronger in Q2, report ...

Prolexic's second quarter DDoS report noted the proliferation of shorter attacks that ate up more bandwidth.

Superman soars above fellow superheroes as most toxic search term

A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.