The era of digital theft as we know it is not characterized by ‘honor among thieves.
A malware campaign recently discovered suggests that hackers are now being targeted by other malicious hackers who are infecting and repackaging popular hacking tools with malware.
Cybereason states that with utilizing existing hacking tools such as cracks, product key generators, and modified download managers, the attackers used remote-access Trojans to exploit traditional security weaknesses. The hacker gains full access to a target’s computer when these tools are opened.
This practice of “baiting” other hackers by posting re-packaged tools on hacking forums.
The issue of hacker-vs-hacker attacks goes much deeper than that. Cybercriminals repackage malicious tools to gain access to other systems as well as open a back door into their own systems. As long as your assets are also hacked when hackers are targeting your business or you, then whoever uses these trojanized tools will have access to your assets as well.
Researchers who work on offensive security engagements will be included.
Researchers discovered that the undetected hackers were injecting the njRat Trojan with each hacking tool, which gave the hackers full access to the computer’s desktop, cameras, and microphones. At least since 2013, the Trojan has been used against Middle Eastern targets regularly.
The inclusion of injecting malware into dormant or insecure websites has been a recent trend in attacks aimed at evading detection along with phishing emails and flash drives. The Islamic State’s propaganda unit website was targeted by hackers in 2017 using the same tactic.
Using the same website-hacking technique, the attackers hosted njRat when they began this latest attack. In addition to hosting hundreds of njRat malware samples, these sample hosts were used to manage the malware samples. The attackers had compromised multiple websites without the knowledge of their owners.
According to them, njRat is injected into hacking tools almost every day, and that process may be automated, indicating that attacks do not usually require direct human involvement.
This campaign may be based on some legitimate reasons but it’s unclear who’s behind it!
Malware Can Infect A Computer. How Can You Prevent This From Happening?
When two crooks spar, you are the one who stands to lose! Here are a few steps you can take to protect your devices from malware infection:
- Set up an antivirus software program
Installation of anti-virus software is one of the best ways to safeguard against any malware damaging your system. As it scans and cleans your computer, you will be protected against newly created viruses.
Quick note: Update the antivirus software as soon as the notification pops up!
- Only purchase apps from reputable sources
Your device is less likely to be infected with malware when you purchase apps from trusted sources. If you would like to verify a source, you can check the app description in the Google Play or Apple app store.
- Downloading attachments from unknown sources or clicking on suspicious links could be harmful
Hackers still use phishing emails to spread malware on your device. Fraudulent emails and links that appear to come from reputable companies and legitimate sources can be used to trick people into opening them. Do not click if you have any doubts.
Conclusion
Crimes combine old and new attacks to cause maximum damage in this highly lucrative form of attack, which has proven extremely profitable. Even more ugly fights can ensue when two hackers come up against each other. But, you know what to do!
Author Bio
Neha Singh is the Founder & CEO of Securium Solutions with a demonstrated history of working in the information technology and services industry. She is skilled in ECSA, Vulnerability Management, Security Information and Event Management (SIEM), Management, and Business Development. She loves traveling and trekking.