Borat RAT malware: a 'unique' triple threat that is far from funny

Cyble

A new Remote Access Trojan (RAT) might have an amusing name to some, but its capabilities show the malware to be no laughing matter.

Dubbed Borat RAT, Cyble Research Labs said in a recent malware analysis that the new threat doesn’t settle for standard remote access capabilities; instead, Borat RAT also includes spyware and ransomware functions.

According to the cybersecurity researchers, the Trojan, named after the character adopted by comedian Sacha Baron Cohen, is offered for sale to cybercriminals in underground forums.

Borat RAT has a centralized dashboard and is packaged up with a builder, feature modules, and a server certificate.

The malware’s capabilities are vast and include a keylogger, a ransomware encryption and decryption component — as well as the option for users to generate their own ransom notes — and an optional distributed denial-of-service (DDoS) feature for “disrupting the normal traffic of a targeted server,” according to Cyble.

Some of Borat RAT’s marketed capabilties

Cyble

The use of ‘RAT’ in the name is a clue to the remote and surveillance features of the malicious software. Borat RAT can remotely record a machine’s audio by compromising its microphone, capture webcam footage, and also contains a host of

Read More: https://www.zdnet.com/article/borat-rat-malware-a-unique-triple-threat-that-is-far-from-funny/#ftag=RSSbaffb68