The downloader has been detailed by cybersecurity researchers at HP Wolf Security, who’ve called it RATDispenser.
SEE: A winning strategy for cybersecurity (ZDNet special report)
Once installed, RATDispenser is used to distribute a range of different malware, including trojans, keyloggers and information stealers, all designed to steal sensitive data from the user.
The most frequently distributed malware downloads are STRRAT and WSHRAT, which account for four in five of the analysed samples. But other forms of malware RATDispenser have been distributed, including invasive information stealers such as Adwind, Formbook, Remcos, Panda Stealer, GuLoader and Ratty.
Some of these trojans, like Panda Stealer, are relatively new, having only been discovered this year, while others, such as WSHRAT, have been