BitRat Malware Gnaws at Victims With Bank Heist Data

Published: 23/11/2024   Category: security



Attackers have compromised a Colombian financial institution and are using a bevy of leaked customer details in further malicious activity to spread an info-gathering remote access Trojan (RAT).



Threat actors are using data stolen from a Colombian bank as a lure in what appears to be a malicious campaign aimed at spreading the BitRAT malware, researchers have found. The activity demonstrates the evolution of how attackers are using commercial, off-the-shelf malware in advanced threat scenarios, they said.
Researchers at IT security and compliance firm Qualys were investigating multiple lures for BitRAT when they identified that the infrastructure of a Colombian cooperative bank had been hijacked. Attackers were using sensitive data gleaned from that compromise to try to capture victims, they reported in a blog post published Jan. 3.
"While digging deeper into the infrastructure, we identified logs that point to the usage of the tool sqlmap to find potential SQLi faults, along with actual database dumps," Akshat Pradhan, senior engineer of threat research at Qualys, wrote in the post.
Overall, threat actors leaked 4,18,777 rows of sensitive data from the bank's customers, including details such as Colombian national ID numbers — called Cedula numbers — as well as email addresses, phone numbers, customer names, payment records, salary, home addresses, and other data, researchers said.
So far, researchers have not seen the data dumped on any hacker forums or Dark Web sites, and are following standard breach-disclosure guidelines as they further investigate, they said.
