BeInNews Academy Ltd © Street: Suite 1701 – 02A, 17/F, 625 King’s Road, North Point. Hong Kong.
A Once you've bought or received bitcoins; you now need to keep them as safe as possible. This guide will provide... More researcher at Cybereason recently discovered a new malware campaign in which hacking groups are targeting each other by infecting popular hacking tools.
A recently discovered malware campaign has revealed quite an interesting development, suggesting that hackers themselves are becoming the targets of their peers. According to a recent report by Cybereason security researcher Amit Serper, hackers seem to be infecting popular hacking tools with malware.
New: Hackers are "baiting" other hackers by posting repackaged tools with malware on hacking forums. https://t.co/fznL3YgzPh
— Zack Whittaker (@zackwhittaker) March 10, 2020
The campaign has supposedly already been running for a year, even though it was only discovered recently. It also seems to be targeting a number of existing hacking tools, many of which were designed for exfiltrating data from various databases by misusing product key generators, cracks, and the like.
Such tools are being infected by a powerful remote-access trojan, as Serper reports. As soon as someone opens them, the hackers would gain full access to the targeted hacker’s device. Serper added that hackers seeking victims among their own are actively trying to infect as many others as possible by posting the repackaged tools on various hacking forums.
With that said, Serper believes that there is something else at play here, not just hackers targeting other hackers. The malicious tools are not only opening backdoors to hacker-owned computers but also to all the systems that the targeted hackers have already breached.
Serper said that this also includes offensive security researchers who are working on red team engagements.
The hackers behind the attack on other hackers remain unknown at this time. But what Serper did confirm is that they are injecting and repackaging tools with a trojan known as njRat, which provides access to files, passwords, microphones and webcams, and even entire desktops. The trojan itself is at least seven years old, dating back to 2013 when it was used against targets in the Middle East.
Serper also claims that hackers have compromised multiple websites to host hundreds of malware samples and speed up the infection of others.
Do you want to Be In Crypto?Join our Telegram Trading Group for FREE Trading Signals,a FREE Trading Course for Beginners and Advanced Tradersand a lot of fun! Images courtesy of Shutterstock, TradingView and Twitter.