Ukrainian Police Nab Suspected RAT-Slinger


Police in Ukraine have arrested a man who allegedly used a notorious Remote Access Trojan (RAT) to target thousands of users around the world.

A statement from the Ukrainian National Police on Friday said that cyber specialists on the force cuffed a 42-year-old man from Lviv on suspicion of using the DarkComet malware.

He’s said to have infected 2000 computers in 50 countries around the world.

On searching his machines, the police found that the man had installed “a Trojan virus administration program on his computer and modified it to send out client versions of the virus,” according to the statement.

These ‘clients’ are used to harvest data from infected machines. The malware has been around for at least six years and was even used by the Syrian regime to spy on activists and opposition groups.

It features multiple capabilities including keylogging, password and document theft, webcam monitoring, taking screenshots of the victim’s machine, and even disabling AV notification settings.

“The cyber police specialists analyzed the malware. It is found that the virus provides full remote access to controlled computers. In particular — the ability to download and upload files, manage startup and services, remotely manage the registry, install and remove programs, take screenshots from the remote screen, intercept microphone sound and video from embedded or external cameras,” the statement continued.

Perhaps most incriminating of all, the police found screenshots of infected victim computers on the arrested man’s machine.

Ukrainian police also issued a series of steps for users to take to check if their computer has been infected with DarkComet.

This involves checking if the machine is trying to communicate with IP address 193.53.83.233 on port 1604 or 81.

If so, they’re urged to use an anti-malware program to remove the infection.
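The check described above can be scripted. The following is an added example, not part of the police statement: it scans the text output of `netstat -ano` on Windows for connections to the published address on port 1604 or 81 and reports the owning process ID. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Indicator published in the police statement quoted above.
IOC_ADDR = ipaddress.ip_address("193.53.83.233")
IOC_PORTS = {1604, 81}

# Constructed sample of `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    192.168.1.10:49701     93.184.216.34:443      ESTABLISHED     3120
  TCP    192.168.1.10:49712     193.53.83.233:1604     ESTABLISHED     4321
  TCP    192.168.1.10:49713     193.53.83.233:443      TIME_WAIT       0
  TCP    192.168.1.10:49714     193.53.83.233:81       SYN_SENT        4321
  TCP    [::1]:49670            [::1]:49671            ESTABLISHED     2044
  UDP    0.0.0.0:5353           *:*                                    1788
"""


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port), or None."""
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit():
        return None  # e.g. '*:*' on UDP rows
    try:
        return ipaddress.ip_address(host.strip("[]").split("%")[0]), int(port)
    except ValueError:
        return None


def find_ioc_connections(netstat_text):
    """Return rows whose remote endpoint is the published IP on port 1604 or 81."""
    hits = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only TCP rows carry a remote endpoint; UDP rows show '*:*'.
        if len(fields) < 4 or fields[0].upper() != "TCP":
            continue
        remote = split_endpoint(fields[2])
        if remote and remote[0] == IOC_ADDR and remote[1] in IOC_PORTS:
            # PID column is present only when netstat was run with -o.
            pid = int(fields[-1]) if fields[-1].isdigit() else None
            hits.append({"local": fields[1], "remote": fields[2],
                         "state": fields[3], "pid": pid})
    return hits


if __name__ == "__main__":
    for hit in find_ioc_connections(SAMPLE_NETSTAT):
        print("Suspicious connection:", hit)
```

The reported PID can be looked up in Task Manager or `tasklist` to identify the process before running the anti-malware scan.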
