Unit 42 Found Malware Which Threatens Israeli Fintech And Crypto Companies

Cybersecurity company Palo Alto Networks and its subsidiary Unit 42 have found malware that attacks two Israel-based fintech companies, according to a recent blog post from the company.

The report says that Unit 42 first encountered the malware, called Cardinal RAT, in 2017. Since then, the malicious software has been attacking two Israeli firms that are engaged in crypto trading and forex development. The malware is a Remote Access Trojan (RAT), which lets the attacker take control of an infected system remotely.

The first version of Cardinal RAT has recently been updated. The newest version uses various obfuscation techniques to hinder analysis of the underlying code. The SHA256 hash of the most recent sample is:

SHA256: b742162197744a8caeb09f954213a3172ed699f8375f69c40b57b8c219c5e37c

The malware gathers information about its victims. It can also have its settings changed or updated remotely, accept commands, and even uninstall itself. It is powerful enough to recover passwords and to download or execute files without permission, and it also clears cookies from browsers.

The research team stated in the report that Cardinal RAT shares features with EVILNUM, a JavaScript-based malware family that is also used in attacks against fintech organizations. Such malware families are very rare, so developers and employees of fintech companies should be careful.
