Home / / Java RAT attacking users in UAE and UK

Java RAT attacking users in UAE and UK

Individuals being targeted by Java Trojan that can take over PCs

Java RAT attacking users in UAE and UK
Symantec is warning of Java Remote Access Trojan attack that can take over a user's PC.

Symantec is warning of a Java attack that appears to be mainly targeting users in the UAE and UK.

The Java remote access Trojan (JRAT) is being sent to users in a spam campaign, as an attachment to an email that claims the Trojan is a payment certificate.

If the attachment is opened, the JRAT will infect the computer, potentially giving attacks full control over the infected device.

The security company said that while this particular JRAT is nto new, it appears to have been customised for the campaign, and the attacks appear to be targeting specific individuals.

The JRAT seems to be aimed at individuals, Symantec said, due to the low number of victims, a unique dropper, one command-and-control (C&C) server and the fact that the majority of these spam messages were sent to personal email addresses.

The malicious email attachment, which has the file name Paymentcert.jar, is detected as Trojan.Maljava. If the Trojan is executed, it will drop JRAT, detected as Backdoor.Jeetrat, on the compromised computer. The RAT not only affects Windows PCs, but also Linux, Mac OSX, FreeBSD, OpenBSD, and Solaris computers. This RAT is not new, as we have seen it in previous targeted attacks. JRAT's builder, as seen in the following image, shows just how easy it is for an attacker to create their own customized RAT.

Symantec is advising users not to open attachments on unsolicited or suspicious emails.

ACN is still looking for your input to our 2014 Security Behaviour Survey. Click the link to complete the survey and enter the draw to win an iPad Air.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.