BitRAT malware caught stealing financial information

Share post:

Qualys discovered evidence of a database dump containing 418,777 records obtained by exploiting SQL injection flaws with a new malware campaign.

The new campaign used sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan known as BitRAT.

BitRAT is a well-known remote access trojan (RAT) that is sold on underground cybercrime web markets and forums. Its $20 price tag for lifetime access makes it irresistible to cybercriminals and aids in the spread of the malicious payload.

Furthermore, because BitRAT can be used in a variety of operations, such as trojanized software, phishing, and watering hole attacks, each buyer’s modus operandi makes it even more difficult to stop.

Over 400,000 data points, including identification numbers, names, phone numbers, and payment records, are used to persuade people to click on a malicious link. This installs BitRAT, a powerful malware that spies on users, installs cryptomining software, and can steal credentials.

The hacking gang behind the campaign is currently unknown, but they are thought to have breached the IT infrastructure of a Colombian cooperative bank using SQL injection flaws. This is a common technique in which hackers manipulate a database to generate an error message that allows them to learn about the database’s structure.

According to Qualys, the data does not appear to have been used or shared elsewhere, implying that it was stolen specifically for the scam.

The sources for this piece include an article in TheHackerNews.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, March 27, 2024 – A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from...

This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet

Cyber Security Today, March 25, 2024 – A suspected China threat actor going after unpatched F5 and ScreenConnet installations

This episode reports on a new campaign stealing email passwords ,the latest data breaches

A hacker’s view of the civic infrastructure: Hashtag Trending, the Weekend Edition for March 23rd, 2024

What does the civic infrastructure look like through the eyes of a hacker? The legendary general Sun Tzu in the Art of War said that in order to defeat your enemy, you must first understand your enemy. How do you do this? He said, “to know your enemy, you must become your enemy.” If we

Cyber Security Today, Week in Review for week ending Friday, March 22, 2024

This episode features discussion on lessons learned from the ransomware attack on the British Library, advice for managing expectations of IT/security teams, why firms are leaving Google Firebase unprotecte

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways