In the darkweb was recently seen new powerful NanoCore Trojan for Windows systems, distributed absolutely free.
Experts believe that this finding can lead to a sharp jump in attacks, purpose of which is to steal passwords, bank data and other personal information.The talk is about a new version of the NanoCore RAT Trojan, which the authors equipped with new dangerous functions. It is this malware that can be downloaded for free on one of the darkweb forums.
Researchers at LMNTRIX Labs pointed attention to NanoCore v1.2.2.
“Anytime an exploit kit or RAT kit is made available for free, it leads to an explosion of campaigns using the malware. We certainly expect to see more spin-off versions of the NanoCore RAT in the future, and predict most newer versions would continue to be tailored to amateur hackers”, — said Arannya Mukerjee, senior threat researcher at LMNTRIX Labs.
This version offers cybercriminals various attack options on Windows systems. Among other things, the malware can steal passwords, record keystrokes (keylogging), and secretly record audio and video using a webcam.
To hide the fact of recording audio and video materials, NanoCore turns off the luminous diode, indicating that some application is using a webcam. The Trojan can also turn off or restart the infected computer – for this, the operators send him appropriate commands.
Read also: Bank Bolik Trojan masks itself under NordVPN
Moreover, malware can accept commands that allow to control the mouse and open web pages in a browser.
Like many other malware, NanoCore is distributed predominantly through phishing emails. Typically, such letters come in the form of accounts and acts, and their attachments provokes the installation of a Trojan in the system.
According to experts, the danger lies in the convenient NanoCore interface, which allows even low-level cybercriminals to carry out attacks.
“Malware authors today tend to favour easy-to-use interfaces as it helps them write and update code, as well as use the RAT more efficiently. This simple interface also lowers the barrier for entry for any prospective hackers, so even amateurs can launch an attack”, — Arannya Mukerjee told.
Many forms of free malware look to exploit common security vulnerabilities – some of which are years old – so one of the best ways to ensure you don’t fall victim to campaigns is to ensure your operating systems and applications are patched and up to date.