No-Joke Borat RAT Propagates Ransomware, DDoS

This fresh malware strain extends the functionality of typical trojans with advanced functionality and a series of modules for launching various types of threat activity.

Attackers are using a newly released remote access trojan (RAT) to spread ransomware and distributed denial of service (DDoS) — in addition to the traditional RAT function of backdooring victims’ systems.

Researchers at Cyble Research Labs discovered the RAT, which they dubbed Borat RAT because it uses a photo of Sacha Baron Cohen, the comedian who created and portrayed the fictional character Borat in a popular series of mockumentary films.

Borat RAT, however, is not “verrry nice” — contrary to one of the most popular catchphrases of the character for which it’s named. It provides a range of advanced features as well as a dashboard for threat actors to perform various malicious activities beyond what other RATs can do, “further expanding the malware capabilities,” researchers said in a blog post about the malware.

“The Borat RAT is a potent and unique combination of remote-access trojan, spyware and ransomware, making it a triple threat to any machine compromised by it,” according to the post.

Attack Launchpad

As described by Cyble Research Labs, the

Read More: