ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

In a blog post on Tuesday, Cisco Talos reported that a new campaign has changed how the malware is served on victim systems. Experts offer perspective.

1 Expert Comment
Saryu Nayyar, CEO
InfoSec Expert
March 3, 2021 3:00 pm

The evolution of the ObliqueRAT trojan is a good example of how malicious actors are constantly updating their tools and techniques to bypass existing controls. By embedding their malware in a bitmap image using steganography, they are able to bypass conventional controls that block executables, archives, etc. By embedding it in an image, they also slip past the human element that would only see an image as expected. Fortunately, the attackers can't hide the malware's behaviors, which means security analytics remains effective, while knowing the sources and file format makes it easy to add restrictions through threat intelligence feeds as well.

Last edited 1 year ago by Saryu Nayyar