Super RATS? Comodo has Built a Better Mousetrap!

September 17, 2013 | By Editor

RAT is a common term in the malware community, which refers to the Remote Access Trojans. As the name suggests, they are trojan viruses capable of infecting a compute but they are not mobile.

These stay-at-home creatures do not have the ability to spread to more machines or spread through portable storage devices.

Unfortunately, a new form of RAT appeared recently which is fully mobile and has the capacity to shift to a USB drive when it is connected to the infected computer. Researchers are baffled with this discovery and disturbed that this new trojan has broken all barriers previously prescribed for this threat.

You could call it a super RAT!

The njw0rm virus was developed and written by the same person who unleashed an older version last year called njRAT. Both threats are adept at stealing user credentials, infecting files, executing commands and downloading updates from the attacker.

The difference is that njw0rm is much more mobile. Once it infects the computer, it detects if a USB drive is attached to any of the ports. This update threatens Internet security because the trojan will instantly shift itself to the USB drive with a plan to further infect every computer that connects to the same external storage drive.

RATs have the capacity to be sent to a computer and will allow the hacker to gain control of the computer without being physically present. RAT will not spread automatically because it requires manual human interference on the other side to extract and infect the data available unlike crime-ware, which is capable of doing this on its own.

NjW0rm can continuously read the computer to detect USB connections. It creates a fake My Pictures folder in the removable drive to trick the user into clicking it and executing the malicious trojan. Similar to previously known USB viruses, the worm will read a pen drive and duplicate 10 different folders, hide the original files and create executable versions of the worm in the same original name.

The njw0rm also has the capacity to steal no-IP credentials, passwords stored in Chrome and FTP passwords found in XML files. Security experts have identified the code creator to be from Kuwait and are working towards identifying the exact location.

Lucky for us all that Comodo has built a better RAT trap with Comodo Internet Security. With its default/deny strategy and sandbox failsafe protection, it is truly

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>