Expert Insight On StrRAT Malware Disguised As Ransomware

By ISBuzz Team
Writer, Information Security Buzz | May 26, 2021 06:26 am PST

A massive phishing campaign is distributing what looks like ransomware but is in fact trojan malware that creates a backdoor into Windows systems to steal usernames, passwords and other information from victims. Detailed by cybersecurity researchers at Microsoft, the latest version of the Java-based STRRAT malware is being sent out via a large email campaign, which uses compromised email accounts to distribute messages claiming to be related to payments, alongside an image posing as a PDF attachment that looks like it has information about the supposed transfer.

Jamie Akhtar, CEO and Co-founder
May 26, 2021 2:28 pm

Whether ransomware or password-stealing malware, the vehicle of its distribution tends to be the same. That is, through phishing emails because it works. Organisations need to be more proactive in educating employees to spot such emails in both a professional and home setting. Regular security awareness training should be implemented so that individuals know to look out for red flags like grammatical errors and unusual email domains. More importantly, they should not ever click on unsolicited links or download attachments.

Niamh Muldoon, Senior Director of Trust and Security EMEA
May 26, 2021 2:27 pm

This campaign combines two of the most prominent cyber threats from the past year: Ransomware and phishing. Ransomware attacks are on the rise, with a spate of serious attacks taking place in the last few weeks, increasing the fear related to them among the public. Times of fear and uncertainty are an ideal time for malicious attackers to target our human response vulnerabilities, with phishing campaigns aiming to create an emotional response with individuals so they succumb to attacks. So, by utilising such a serious threat as ransomware, victims are even more likely to let their guard down and become vulnerable to carrying out designated actions such as clicking a link or disclosing a password, which ironically acts as an entry point to execute actual ransomware attacks.

This campaign is an example of how human behaviour social engineering exploitations are evolving and highlights the need for efforts to be made to educate the public about phishing attempts. Users should try to stay vigilant to phishing campaigns by following simple cybersecurity steps such as: being cautious of attachments they are not expecting; never giving out personal information; making sure to download and regularly update anti-virus software.
