Skip to content

A ‘Triple Ransomware’ threat is here

Advantage Aware

A new type of ‘Remote Access Trojan’ (RAT) has been released and is being used to spread ‘Distributed Denial of Service’ (DDoS) and ransomware attacks. Dubbed the ‘Borat RAT’, it comprises of ransomware, spyware, and RAT.

With hidden VNC abilities, vast surveillance features, microphone and video capture capabilities and file exfiltration toolkits, the Borat RAT is extremely sophisticated, empowering an attacker with abilities to cause a system-wide disruption. Threat intelligence company, Cyble, investigated this threat. In their deep dive, they found alarming ‘features’ of the Borat RAT.

Annoyance capabilities are also included, such as changing keyboard keys, switching monitors, and changing ‘mouse click’ settings. Chrome browsers appear to be the most impacted and is readily available on the dark net.

The FBI recently released the 2021 Internet Crime Report which indicated cybercrime losses of almost 7 billion USD in 2021. The report states that the evolution of tactics and techniques demonstrates threat actors’ increasing technological sophistication.

What can we do?

  • Be wary of links within emails
  • Use strong passwords with MFA
  • Conduct regular backups
  • Use a well reputed anti-virus

More advanced defence strategies include:

  • Endpoint security
  • The ability to micro-segment if an endpoint has been compromised
  • Employing operational intelligence within your IDS/IPS
  • Real-time logging analysis with machine learning
  • A SOC team that can initiate action-based response

Defence-in-depth, firewall and antivirus may provide some protection against attacks, but an adaptive defence approach is the best strategy. Risk mitigation resources are expensive, time consuming, and present unrealistic technical requirements to many businesses. A Managed Security Service Provider (MSSP) can offer solutions that meet defence requirement requiring a reasonable budget.

An MSSP will be expected to provide all the defence strategies listed above, along with advice and help with implementation. Options could include cloud backup, 24/7 SOC availability with real-time monitoring, end-point security, zero trust architecture, tailored support solutions, access to global and local threat intelligence feeds, micro-segmentation tools and provide skilled dedicated security advisors.

Are you ready to take charge?  

Dr Antony
PhD, MISDF (1st Class), MBA
Senior Cyber Security Engineer


Related Posts

Hackers don’t go on leave – even if the rest of the world does

While you’re decking the halls with holly and reveling in the long-awaited holidays, other folks are hard at work through their ‘busy time’. It’s not just the hospitality industry expecting a bumper Christmas either – hackers, scammers, and other online miscreants see December and January as one of the most potentially lucrative periods of the year.
The global cost of a data breach last year was USD $4.45 million. This is an increase of 15% over three years. As we step into 2024, it’s crucial to be aware of emerging technology threats.
In the pulsating digital landscape, every click and keystroke echoes through cyberspace. The battle for data security rages on.