Security
Headlines
HeadlinesLatestCVEs

Headline

Novel Nerbian RAT Lurks Behind Faked COVID Safety Emails

Malicious emails with macro-enabled Word documents are spreading a never-before-seen remote-access Trojan, researchers say.

DARKReading
#vulnerability#mac#backdoor#auth

Phishing emails purporting to contain COVID-19 safety information from the World Health Organization (WHO) are instead phishing lures intended to spread a novel remote-access Trojan (RAT) called Nerbian.

A team of Proofpoint researchers have published a report noting that so far, the Nerbian RAT, first spotted on Apr. 26, has spread primarily throughout Italy, Spain, and the UK. Notably, Nerbian is written in the Go language, taking advantage of several open source libraries, the analysts added.

The RAT leverages multiple anti-analysis components and has cyber espionage modules for keylogging and screen grabs, researchers said, in addition to typical backdooring functionality.

Nerbian got its name directly from the malware code, the researchers explained, which references the name of a fictional place from the novel Don Quixote.

"Malware authors continue to operate at the intersection of open-source capability and criminal opportunity,” Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, told Dark Reading in an emailed statement.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Related news

Fake WHO Safety Emails on COVID-19 Dropping Nerbian RAT Across Europe

By Deeba Ahmed The novel Nerbian RAT (remote access trojan) is currently targeting’ entities in Spain, Italy, and the United Kingdom.… This is a post from HackRead.com Read the original post: Fake WHO Safety Emails on COVID-19 Dropping Nerbian RAT Across Europe

DARKReading: Latest News

DDoS Attacks Surge as Africa Expands Its Digital Footprint