- This 2 TB Samsung 990 Pro M.2 SSD is on sale for $160 this Black Friday
- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
DDoS Protection Weaponized to Deliver RATs
Security researchers have discovered a new threat campaign designed to trick users into downloading malware capable of hijacking their machine.
Discovered by Sucuri, the attacks begin with a malicious JavaScript injection designed to target WordPress sites, resulting in a fake Cloudflare DDoS protection pop-up.
These have become increasingly popular over recent years as website owners struggle to detect legitimate users from pervasive bot traffic.
“Since these types of browser checks are so common on the web many users wouldn’t think twice before clicking this prompt to access the website they’re trying to visit. However, the prompt actually downloads a malicious .iso file onto the victim’s computer,” Sucuri said in a blog post.
“What most users do not realise is that this file is in fact a remote access Trojan (RAT), currently flagged by 13 security vendors at the time of writing this article.”
The malware in question was identified as the NetSupport RAT, linked to ransomware campaigns and downloads of data-stealing malware RacoonStealer.
“The infected computer could be used to pilfer social media or banking credentials, detonate ransomware, or even entrap the victim into a nefarious ‘slave’ network, extort the computer owner, and violate their privacy – all depending on what the attackers decide to do with the compromised device,” warned Sucuri.
The security vendor urged webmasters to keep all software updated, use strong passwords and two-factor authentication, deploy a firewall in front of their website, and use file integrity monitoring to better spot suspicious activity.
“RATs are regarded as one of the worst types of infections that can affect a computer as it gives the attackers full control over the device,” Sucuri concluded.
“At that point, the victim is at their mercy. Website owners and visitors alike must take any and all precautions to protect themselves.”