Adwind, a Remote Access Trojan (RAT) previously connected to attacks against industries worldwide, is back with a new toolkit designed to trick antivirus programs into allowing the malware to exploit systems.
On Monday, cybersecurity researchers from Cisco Talos, together with intelligence partner ReversingLabs, released the results of an investigation into the Adwind Trojan’s latest campaign.
Also known as AlienSpy, JSocket, and jRat, the Trojan is a malware variant that contains a wide variety of ‘skills.’
Not only is the RAT able to collect PC information and keystrokes, as well as steal credentials and data submitted via web forms, the malware is also able to record video, sound, and take screenshots. The Trojan is also able to tamper with system files and transfer content without user consent.
Read more here