Malicious actors have been secretly embedding the njRAT remote access trojan in free hacking tools as well as cracks of those tools, in a bid to compromise anyone who downloads this software from various websites and forums.

Essentially, this adversary is trying to turn other hackers into victims, taking over their machines for reasons that could range from conducting distributed denial of service attacks to stealing data, according to a blog post today by Cybereason, featuring research from Amit Serper, VP of security strategy and principal researcher with the company's Nocturnus security research team. Indeed, njRat offers up many nefarious possibilities, with capabilities that include keylogging, taking screenshots, recording via webcams and microphones, and file manipulation and exfiltration.

The campaign, identified by the Cybereason Nocturnus team, has apparently been taking place for years and has generated nearly 1,000 malware samples in that time, with new variations of njRAT being added on a daily basis.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.