A new malware downloader has been identified that is being used to deliver 8 different malware payloads, including several Remote Access Trojans (RATs) and keyloggers. The malware has been named RATDispenser by security researchers at HP Wolf Security, who recently identified and analyzed the malware.
The malware delivered by RATDispenser can be used to obtain credentials and other sensitive data and gives the attacker backdoor access and full control of infected devices. Once sensitive data has been obtained, the threat actor could sell access to other threat groups, such as ransomware gangs.
The range of malware variants delivered by RATDispenser makes this malware particularly dangerous, made worse by the poor detection rates by many antivirus engines. Email security solutions use antivirus engines to detect malware and malicious files, but only 11% of the 77 antivirus systems on VirusTotal are currently identifying RATDispenser as malicious.
If you want to improve your defenses against malware and other email threats, give the TitanHQ team a call to find out more about SpamTitan Email Security. SpamTitan is available on a free trial to allow you to put the product to the test in your own environment and find out for yourself the difference it makes to email security.