Famous cybersecurity company Palo Alto Networks with its subsidiary Unit 42 found a malware which attacks two Israeli-based fintech companies, according to the recent blog post made by the company.
The report says that Unit 42 first bumped into the malware called Cardinal RAT in 2017, since then malicious software has been attacking two Israeli firms that engaged in crypto trading and developing forex. This malware is a Remote Access Trojan (RAT), by using it the culprit can remotely take control of the system.
The first version of Cardinal RAT has been recently updated, the newest version is using various obfuscation techniques to hinder analysis of the underlying code. The code of the most recent malware is:
The software itself gathers different information about victims, later remotely changes or updates its settings, gives commands and even uninstalls itself. The malware is so powerful that it can recover passwords and execute or download files without permission, it also cleans cookies from browsers.
We remind you
Subscribe to The Coin Shark news in Facebook: https://www.facebook.com/coinshark/