Best Top Reviews Online

Hackers Are Attempting To Trick Victims Into Downloading BitRAT Malware By Using Stolen Bank Information

A new malware campaign has been observed using sensitive bank information as bait in phishing emails to deliver the BitRAT remote access trojan.

It is believed that an unknown adversary hacked into the IT infrastructure of a Colombian cooperative bank and used the information to craft convincing decoy messages designed to trick victims into opening suspicious Excel attachments.

Qualys, a cybersecurity firm, discovered evidence of a database dump containing 418,777 records that were allegedly obtained by exploiting SQL injection vulnerabilities.

Cédula numbers (a national identity document issued to Colombian citizens), email addresses, phone numbers, customer names, payment records, salary information, and addresses are among the leaked details.

There are no indications that the information has previously been shared on any forums on the darknet or clear web, suggesting that the threat actors themselves gained access to customer data to conduct phishing attacks.

The Excel file containing the exfiltrated bank data also carries an embedded macro that downloads a second-stage DLL payload, which is configured to retrieve and execute BitRAT on the compromised host.

“It utilizes the WinHTTP library to download BitRAT embedded payloads from GitHub to the %temp% directory,” researcher Akshay Pradhan from Qualys explained.

The repository, which was established in mid-November 2022, is used to host obfuscated BitRAT loader samples that are ultimately decoded and launched to complete infection chains.

BitRAT, an off-the-shelf malware that can be purchased on underground forums for a mere $20, is equipped with a variety of features to steal data, harvest credentials, mine cryptocurrency, and download additional binaries.

“Commercially available RATs have evolved their methods for spreading and infecting their victims,” said Pradhan. “They have also increased their use of legitimate infrastructures to host their payloads, which must be accounted for by defenders.”
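For defenders, the chain described above (a process contacts GitHub, then a file appears under %temp%) can be hunted by correlating endpoint network and file-creation events per process. The following is an added example, not code from Qualys or from the original article; the event fields are loosely modeled on Sysmon, and the host list, time window, and all sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: hostnames that serve GitHub-hosted files; adjust to your telemetry.
GITHUB_HOSTS = {"github.com", "raw.githubusercontent.com", "objects.githubusercontent.com"}
TEMP_MARKER = "\\appdata\\local\\temp\\"  # usual expansion of %temp%, lowercased
WINDOW = timedelta(seconds=60)            # assumption: correlation window

EXCEL = r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"
TEMP = r"C:\Users\u\AppData\Local\Temp"
# Constructed events; fields loosely modeled on Sysmon IDs 3 (network) and 11 (file create).
EVENTS = [
    {"id": 3, "time": "2023-01-03 10:00:01", "guid": "A1", "image": EXCEL, "host": "raw.githubusercontent.com"},
    {"id": 11, "time": "2023-01-03 10:00:04", "guid": "A1", "image": EXCEL, "file": TEMP + r"\stage2.bin"},
    {"id": 3, "time": "2023-01-03 10:05:00", "guid": "B2", "image": r"C:\Apps\browser.exe", "host": "github.com"},
    {"id": 11, "time": "2023-01-03 10:05:03", "guid": "B2", "image": r"C:\Apps\browser.exe", "file": r"C:\Users\u\Downloads\tool.zip"},
    {"id": 11, "time": "2023-01-03 11:00:00", "guid": "C3", "image": EXCEL, "file": TEMP + r"\~DF12.TMP"},
    {"id": 3, "time": "2023-01-03 12:00:00", "guid": "D4", "image": r"C:\Apps\updater.exe", "host": "github.com"},
    {"id": 11, "time": "2023-01-03 12:10:00", "guid": "D4", "image": r"C:\Apps\updater.exe", "file": TEMP + r"\pkg.tmp"},
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def find_temp_drops(events, window=WINDOW):
    """Return (image, host, file) for every file created under Temp by a
    process that contacted a GitHub host within `window` beforehand."""
    last_github = {}  # process guid -> (time, host) of latest GitHub connection
    hits = []
    for ev in sorted(events, key=lambda e: parse(e["time"])):
        t = parse(ev["time"])
        if ev["id"] == 3 and ev["host"].lower() in GITHUB_HOSTS:
            last_github[ev["guid"]] = (t, ev["host"])
        elif ev["id"] == 11 and TEMP_MARKER in ev["file"].lower():
            seen = last_github.get(ev["guid"])
            if seen and t - seen[0] <= window:
                hits.append((ev["image"], seen[1], ev["file"]))
    return hits

if __name__ == "__main__":
    for image, host, path in find_temp_drops(EVENTS):
        print(f"{image} fetched from {host} then wrote {path}")
```

Correlating on the process identifier rather than the process name keeps the rule useful when the download is performed by whatever process loaded the second-stage DLL rather than by Excel itself.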

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

© 2022 BestTopReviewsOnline.com Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of BestTopReviewsOnline.com.