Cybersecurity researchers have discovered a potent new malware strain that comes with a number of dangerous features and abilities.
Named Borat (after the protagonist of the popular Sacha Baron Cohen film), the malware is a remote access trojan (RAT), ransomware tool and spyware all in one, which can also be used to launch distributed denial of service (DDoS) attacks and UAC bypass.
Researchers from the cybersecurity firm Cyble managed to obtain a sample of the malware and, after a closer inspection, discovered that it can take control of the target’s mouse and keyboard, access files and network points, and hide its presence on the endpoint.
TechRadar needs you!
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
>> Click here to start the survey in a new window
Among the Borat malware’s vast array of features are a keylogger, audio recorder, webcam recorder, reverse proxy, password stealer and Discord token stealer.
Researchers aren’t sure if Borat is being sold online, or just distributed for free. Cyble says it comes bundled up with a builder, different malware modules, and a server certificate.
Usually, such malware gets distributed on dark web sites, in torrent files masquerading as patches and cracks, and on fake phishing sites that promise free software and other things.
The researchers described it as a “unique combination of RAT, spyware and ransomware”, making it a “triple threat” to any compromised device.
> Cybercriminals are infiltrating our Microsoft Excel spreadsheets now
> This dangerous malware affects nearly all devices, and somehow remained undetected until now
> This nasty trojan uses Discord as a command and control server
“With the capability to record audio and control the webcam and conduct traditional info-stealing behavior, Borat is clearly a threat to keep an eye on,” the researchers concluded.
BleepingComputer tried to uncover who the masterminds behind Borat are, and found that the payload executable was recently identified as AsyncRAT, which suggests the authors probably based their work on this particular RAT.
To stay safe, security researchers suggest everyone stays vigilant when downloading software and only downloads content from trusted sources.
- Stay safe from any malware or RAT with the best firewalls right now