Security researchers became aware of a new variant of Adwind jRAT, a remote access Trojan that uses Java to take control and collect data from a user’s machine–namely login credentials. Malware that takes advantage of common Java functionality is notoriously difficult to detect or detonate in a sandbox for the simple fact that Java is so common on the web. In fact, any effort to block or limit Java would result in much of the internet breaking down–a non starter for users who increasingly rely on rich web apps or SaaS platforms for their day-to-day responsibilities.
New jRAT/Adwind variant sends normal JAVA commands to appear legitimate https://t.co/gMFkcOHwI4 pic.twitter.com/QBk9r2CMmS
— Virus Bulletin (@virusbtn) October 30, 2019
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
