Hackers targeting Arabic-speaking countries with malicious Microsoft Office documents


The malware is a Remote Access Trojan, also known as a RAT, that Talos analysts Warren Mercer, Paul Rascagneres, Vitor Ventura, and Eric Kuhla named “JhoneRAT” because it checks for new commands in the tweets from the handle @jhone87438316. The handle was suspended by Twitter, but JhoneRAT looks for new commands every 10 seconds using and HTML parser to identify new tweets. 





Like it? Share with your friends!

What's Your Reaction?

Angry Angry
0
Angry
Confused Confused
0
Confused
Buffoon Buffoon
0
Buffoon
Cry Cry
0
Cry
Cute Cute
0
Cute
WOW WOW
0
WOW
Dislike Dislike
0
Dislike
Fail Fail
0
Fail
Geek Geek
0
Geek
Like Like
0
Like

Send this to a friend