请输入您要查询的百科知识:

 

词条 Njrat
释义

  1. About the program and its whereabouts

  2. Features

  3. References

njRAT, also known as Bladabindi[1], is a Remote Access Trojan or Trojan which allows the holder of the program to control the end user's computer. It was first found in June 2013 with some variants traced to November 2012. It was made by a hacking organization from different countries called Sparclyheason and was often used against targets in the Middle East. It can be spread through phishing and infected drives. [2] It is rated "severe" by the Microsoft Malware Protection Center.[1]

About the program and its whereabouts

The program was developed by a hacker's organization called Sparclyheason whose members identified are: Njq8, MaSad, John Gietzen, DarkSel, Hector Cowlover, RockingWithTheBest, CoBrAxXx, Viotto, among others.

A surge of njRAT attacks was reported in India in July 2014.[3] In an attempt to disable njRAT's capabilities, Microsoft took down four million websites in 2014 while attempting to filter traffic through no-ip.com domains. [4]

In March 2016, Softpedia reported that spam campaigns spreading remote access trojans such as njRAT were targeting Discord (software).[5] In October 2016, Softpedia also reported the appearance of a cracked VMware download that would download njRAT via Pastebin. Terminating the process would crash the computer.[6]

An Islamic State website was hacked in March 2017 to display a fake Adobe Flash Player update download, which instead downloaded the njRAT trojan.[7]

Features

njRAT can:

  • Remote into the victim's desktop or active window
  • See the victim's IP, full computer name, full username, OS, install date, and country
  • Remotely execute a file from disk or URL
  • Manipulate files
  • Open a remote shell, allowing the attacker to use the command line
  • Open a process manager to kill processes
  • Manipulate the system registry
  • Record the computer's camera and microphone
  • Log keystrokes
  • Steal passwords stored in browsers or in other applications

References

1. ^{{cite web|title=MSIL/Bladabindi|url=https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=MSIL/Bladabindi|website=www.microsoft.com|publisher=Microsoft|accessdate=5 June 2017|language=en-us}}
2. ^{{Cite news|url=https://www.cyber.nj.gov/threat-profiles/trojan-variants/njrat|title=NJRat|work=NJCCIC|access-date=2017-06-02|language=en-US}}
3. ^{{cite web|title=Hacking virus 'Bladabindi' targets Windows users in India, steals personal info: Cert-In - Tech2|url=http://tech.firstpost.com/news-analysis/hacking-virus-bladabindi-targets-windows-users-in-india-steals-personal-info-cert-in-227963.html|website=Tech2|accessdate=5 June 2017|date=27 July 2014}}
4. ^{{cite web|last1=Krebs|first1=Brian|title=Microsoft Darkens 4MM Sites in Malware Fight — Krebs on Security|url=https://krebsonsecurity.com/2014/07/microsoft-darkens-4mm-sites-in-malware-fight/#more-26708|website=krebsonsecurity.com|accessdate=5 June 2017}}
5. ^{{cite web|last1=Cimpanu|first1=Catalin|title=VoIP Gaming Servers Abused to Spread Remote Access Trojans (RATs)|url=http://news.softpedia.com/news/gaming-voip-servers-abused-to-spread-remote-access-trojans-rats-509496.shtml|website=Softpedia|accessdate=5 June 2017|language=en-us}}
6. ^{{cite web|last1=Cimpanu|first1=Catalin|title=RAT Hosted on PasteBin Leads to BSOD|url=http://news.softpedia.com/news/rat-hosted-on-pastebin-leads-to-bsod-509803.shtml|website=Softpedia|accessdate=5 June 2017|language=en-us}}
7. ^{{cite web|last1=Cox|first1=Joseph|title=Hackers Hit Islamic State Site, Use It to Spread Malware|url=https://motherboard.vice.com/en_us/article/hackers-islamic-state-malware|website=Motherboard|accessdate=5 June 2017|language=en-us}}

2 : Trojan horses|2012 in computer science
随便看

 

开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。

 

Copyright © 2023 OENC.NET All Rights Reserved
京ICP备2021023879号 更新时间:2024/9/28 21:27:04