Experts have reported a new malware strain named RATDispenser, which employs unique techniques to evade detection. Unfortunately, only 11 percent of available antivirus systems can detect this dangerous malware.
Malware, short for "malicious software," is a common problem. It is often a file or piece of code delivered to explore, corrupt and steal information from an infected device. To counter the growing threat, antivirus vendors update their programs to detect and delete malware. Unfortunately, one piece of malware seems to have outsmarted them.
Cybersecurity researchers at HP Wolf Security discovered the RATDispenser malware. They explained their research findings in a blog post.
RATDispenser Malware: The Dangerous Threat
According to researchers, RATDispenser is predominantly used as a dropper. It distributes many different malware families, including keyloggers, information stealers, remote access trojans (RATs) and more.
Although its main purpose is to distribute and deliver malware, RATDispenser could also be used to open backdoors on infected devices. This means malicious actors can access an infected device remotely and steal the victim's accounts.
RATDispenser is primarily used for hacking cryptocurrency wallets. In some cases, hackers can execute ransomware attacks on the victim.
Malware RATDispenser Attack Path
RATDispenser in the Underground Marketplace
Even worse, experts speculate that RATDispenser might be a growing threat. According to TechRadar, researcher Patrick Schlapfer said, "the variety in malware families, many of which can be purchased or downloaded freely from underground marketplaces, and the preference of the malware operators to drop their payloads, suggest that the authors of RATDispenser may be operating under a malware-as-a-service business model."
This implies that hackers can hire RATDispenser to distribute their malware to selected targets.
How to Avoid RATDispenser Malware
To avoid falling victim to RATDispenser, users are advised to follow these suggestions:
- Do not download files from the internet. Malicious actors are taking full advantage of the internet to deliver malware payloads via multimedia files. If it is unavoidable, only download files from senders and websites you trust.
- Do not click on suspicious URLs. As seen with RATDispenser, some malicious files automatically download themselves after running on the device. This is why users should never click on suspicious links, especially in emails or messages from unknown senders.
- Update and improve account security. One of the best ways to secure an account is to use a strong password. It is recommended that users change these passwords once every few months to boost security further.