Skip to main content

Newly discovered malware pranks its victims – just in time for April Fools Day

By
Hacker at laptop

Cybersecurity researchers have discovered a brand new malware threat called CrystalX RAT, which is making its way around private hacker group chats and forums.

What sets CrystalX RAT apart from other malware?

It's an all-in-one hacker tool that includes data stealing and spyware capabilities. Furthermore, perhaps just in time for April Fools' Day, CrystalX RAT also has unique "prankware" capabilities that can mock and troll its victims in real-time.

On April 1, researchers with cybersecurity firm Kaspersky's Global Research & Analysis Team (GReAT) published a new report on a new malware they recently discovered in March called CrystalX RAT. 

The team found evidence of this new malware dating back to January, and it was being offered within hacker communities as a MaaS, or Malware-as-a-Service, tool. This means that the developers of CrystalX RAT were offering the malware to less tech-savvy bad actors as a paid subscription service.

RAT stands for Remote Access Trojan and is a particularly dangerous type of malware that gives attackers complete remote access to the targeted computer or mobile device.

However, what caught Kaspersky researchers' eye about CrystalX RAT was its "extensive arsenal of capabilities" when compared to other similar types of malware.

Once a target downloads the CrystalX RAT malware to their device, they have unknowingly provided an attacker with a slew of data-stealing capabilities and spyware functionality. CrystalX RAT includes a stealer, which gathers system information and extracts private credentials from platforms like Telegram, Discord, Steam, and Chromium-based browsers like Google Chrome. In addition, an attacker can remotely monitor and control the infected device.

CrystalX RAT also includes a keylogger, which records every key that the victim types, and a clipper, which modifies a victim's clipboard. A hacker can utilize a clipper in order to perform actions such as changing a crypto wallet address when a target goes to paste the address.

However, what truly sets CrystalX RAT apart from other malware is its prankware toolset, which can be used to mock and troll the victim from within their device.

According to Kaspersky, CrystalX RAT comes with a panel titled "Rofl," which includes different methods in which the attacker can remotely prank the target through their infected computer. 

Using CrystalX RAT, a hacker could remotely change a victim's desktop background to any image they like or rotate their computer screen's display, for example.

The attacker could also swap the victim's mouse buttons, disconnect computer peripherals like the monitor or keyboard, or hide desktop icons. CrystalX RAT also provides the capability to completely shutdown or restart an infected device remotely. Furthermore, a victim can receive custom notifications created by the attacker, who can even send messages in a pop-up chat dialog window.

While these may seem like silly pranks, as Kaspersky points out, they add a distressing psychological toll to the target, who is already a victim to an invasive cyberattack.

“Such a diverse feature set effectively enables a 360-degree compromise of the victim and a complete loss of privacy," said senior security researcher at Kaspersky Leonid Bezvershenko in a statement. "Beyond gaining access to account credentials, the stolen data could potentially be used for blackmail."

CrystalX RAT is just one of a number of sophisticated malware attacks to pop up over the past few months. Cybersecurity professionals urge users to be cautious when coming across unknown files online and to stick with downloads from official, trusted sources.



from Mashable https://ift.tt/gS3NnAs
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

The Nintendo Switch has been the US’s bestselling console for 23 straight months

By
Photo by James Bareham / The Verge It’s been a good two years for the Nintendo Switch. According to Nintendo, the gaming tablet has been the bestselling console in the US for 23 straight months. And according to data from the NPD Group, it just had its best October ever, moving 735,926 units of both the Switch and Switch Lite in the US. The company says that represents a 136 percent increase compared to last year. To date, the Switch has sold 22.5 million units in the US, and last week Nintendo revealed that more than 68 million units have been sold globally . “We’re excited about our momentum,” says Nick Chavez, Nintendo of America’s SVP of sales and marketing. Chavez puts the company’s big October down to two main factors. One is a better supply of stock; this year in particular, it’s often been hard to find a Switch on store shelves. This has only been exacerbated by increased demand due to a combination of the pandemic and the breakout success of Animal Crossing: New Horizons . ...
Post a Comment
Read more

Instagram accidentally reinstated Pornhub’s banned account

By
After years of on-and-off temporary suspensions, Instagram permanently banned Pornhub’s account in September. Then, for a short period of time this weekend, the account was reinstated. By Tuesday, it was permanently banned again. “This was done in error,” an Instagram spokesperson told TechCrunch. “As we’ve said previously, we permanently disabled this Instagram account for repeatedly violating our policies.” Instagram’s content guidelines prohibit  nudity and sexual solicitation . A Pornhub spokesperson told TechCrunch, though, that they believe the adult streaming platform’s account did not violate any guidelines. Instagram has not commented on the exact reasoning for the ban, or which policies the account violated. It’s worrying from a moderation perspective if a permanently banned Instagram account can accidentally get switched back on. Pornhub told TechCrunch that its account even received a notice from Instagram, stating that its ban had been a mistake (that message itse...
Post a Comment
Read more

MVP versus EVP: Is it time to introduce ethics into the agile startup model?

By
Anand Rao Contributor Share on Twitter Anand Rao is global head of AI at PwC . The rocket ship trajectory of a startup is well known: Get an idea, build a team and slap together a minimum viable product (MVP) that you can get in front of users. However, today’s startups need to reconsider the MVP model as artificial intelligence (AI) and machine learning (ML) become ubiquitous in tech products and the market grows increasingly conscious of the ethical implications of AI augmenting or replacing humans in the decision-making process. An MVP allows you to collect critical feedback from your target market that then informs the minimum development required to launch a product — creating a powerful feedback loop that drives today’s customer-led business. This lean, agile model has been extremely successful over the past two decades — launching thousands of successful startups, some of which have grown into billion-dollar companies. However, building high-performing product...
Post a Comment
Read more