- The RAT malware enables perps to control a device remotely and retrieve sensitive information.
- The RAT is available for sale on the dark web and can be used to look for information regarding credit cards.
Researchers at Zscaler ThreatLabZ have identified a new remote-access trojan (RAT). The malware, named Saefko, retrieves Chrome browser history in a search for cryptocurrency-related transactions or activity. The malware is written in .NET and can be purchased on the dark web. In addition to crypto activities, the RAT also looks for data relating to credit cards, business, social media, gaming, and online shopping.
A RAT is a type of malware that has a backdoor, which allows perpetrators to control a device remotely. In doing this, the intruder can monitor user behavior, access sensitive data, activate a webcam, take screenshots, and format drives, among other things. Once the RAT infects the device, it stays in the background, activating and executing every time the person logs in. By not downloading any programs or opening attachments from unknown sources, one can protect themselves against Saefko. Blocking unused ports, switching off unused services, and monitoring all outgoing traffic certainly help as well.