The National Cybersecurity and Communications Integration Center (NCCIC) released a joint alert highlighting five publicly available tools seen in worldwide cyberattacks.
The report is a collaborative research effort between cyber security authorities in Australia, Canada, New Zealand, the U.K., and the U.S., according to an Oct 11 US-CERT advisory.
The highlighted tools included the remote access trojan (RAT) JBiFrost, the webshell tool China Chopper, the Mimikatz credential stealers, the lateral movement frameworks tool PowerShell Empire, and the command and control (C2) obfuscators and exfiltration tool HUC Packet Transmitter (HTran).
“This Activity Alert provides an overview of the threat posed by each tool, along with insight into where and when it has been deployed by threat actors,” the advisory said. “Measures to aid detection and limit the effectiveness of each tool are also described.”
All of these tools have been used for malicious purposes in recent cyberattacks around the world targeting a wide range of critical sectors, including health, finance, government, and defense industries.
