NJRat making a comeback, researchers observe

Adam GreenbergMarch 23, 2015

NJRat – a remote access trojan – is making a comeback, according to researchers with PhishMe.

The malware is being delivered via an email purportedly from eDisk, according to a Thursday post by Ronnie Tokazowski, senior researcher with PhishMe. The message in the email states that a professional gamer has sent a link to a file stored on the online storage service.

Clicking the link brings the user to a page where they can download a file named 'NFSW_Car_Changer.exe,' which is actually the threat, the post indicates.

“The executable is compiled with .NET 4.0,” Tokazowski wrote. “This is worth mentioning because most of the malware today is written in C/C++. The biggest benefit for malware to be written in .NET is that it can be difficult to decode and see what is truly going on.”

Adam Greenberg

Vulnerability Management

‘MadMxShell’ leverages Google Ads to deploy malware via Windows backdoor

Steve ZurierApril 18, 2024

Security pros say using Windows backdoor in a malvertising campaign could expose companies to other malware attacks.

Network Security

DDoS attacks spike in first quarter

SC StaffApril 17, 2024

Fifty percent more distributed denial-of-service attacks have been launched by threat actors during the first quarter of 2024 over the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.

Close up the triple-lens camera on the iPhone 13 Pro Max Seirra Blue and Graphite Color on white background.

Application security

Updated LightSpy spyware targeted at South Asia

SC StaffApril 17, 2024

Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news