April 20, 2022

Revenge Rat Targets Your Computer

Researchers reported that Revenge RAT, a Trojan that targets the Windows platform, is the most prevalent malware, targeting 6 percent of UAE businesses… reports Asian Lite News

Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Threat Index for March 2022. Researchers reported that Revenge RAT, a Trojan that targets the Windows platform, is the most prevalent malware, targeting 6 percent of UAE businesses, while Emotet takes second place, impacting 5 percent of the organizations in the UAE.

Remote access trojans (RATs) are malware designed to allow an attacker to remotely control an infected computer. Once the trojan is running on a compromised system, the attacker can send commands to it and receive data back in response. Revenge RAT was the most prevalent malware in the UAE this month. It accepts commands from a remote server to collect system information, run/update files from links or disks, load plugins and close/restart the malware among other malicious activities. Additionally, it creates a Run key Registry entry on the infected system and a shortcut under the user’s Startup folder to achieve persistence.


Emotet, the self-propagating and modular trojan, is second in the top malware index for the UAE. Emotet distributes other malware or malicious campaigns and uses multiple methods for maintaining persistence and evasion techniques to avoid detection. Since its return in November last year and the recent news that Trickbot has shut down, Emotet has been strengthening its position as the most prevalent malware worldwide. This was solidified even further this month as many aggressive email campaigns have been distributing the botnet, including various Easter-themed phishing scams exploiting the buzz of the festivities. These emails were sent to victims all over the world. One such example used the subject “buona pasqua, happy easter”, yet attached to the email was a malicious XLS file that delivers Emotet.

Ram Narayanan, Country Manager at Check Point Software, Middle East: “In recent years, technology has advanced to the point where cybercriminals are increasingly relying on human trust to hack corporate networks. In the last six months, an organization in the United Arab Emirates has been targeted an average of 792 times per week, with 95 percent of malicious files delivered by email in the last 30 days. The fact that cyber criminals are using themed phishing emails around seasonal holidays to exploit the excitement surrounding the festivities to lure victims is proof that cyber criminals have become relentless in their actions. Revenge RAT has replaced the intensity with which Emotet attacked UAE businesses, so it is imperative that organizations take immediate action to avoid becoming the next victims.”

CPR also revealed this month that Healthcare is the number one most attacked industry in the UAE, followed by Finance/Banking and Retail/Wholesale industries. “Remote Code Execution” is now the most commonly exploited vulnerability, impacting 56% of organizations in the UAE, while “Information Disclosure” takes the second spot, impacting 54% of organizations. “Authentication Bypass” vulnerability keeps a hold of third place with a global impact of 44%.

Top Malware Families

*The arrows relate to the change in rank compared to the previous month.

This month, Revenge RAT is the most popular malware with a global impact of 6% of organizations worldwide, followed by Emotet and Wasted Locker, with an impact of 5% and 4% of organizations respectively.

↑ Revenge RAT – Revenge RAT is a Trojan that targets the Windows platform. This malware accepts commands from a remote control server to collect system information, run/update files from links or disks, load plugins, and close/restart the malware, among other malicious activities. Additionally, it creates a Run key Registry entry on the infected system and a shortcut under the user’s Startup folder to achieve persistence.

↑ Emotet – Emotet is an advanced, self-propagating and modular Trojan. Emotet was once used as a banking Trojan, and has recently been used as a distributor of other malware or malicious campaigns. It uses multiple methods for maintaining persistence and evasion techniques to avoid detection. In addition, it can be spread through phishing spam emails containing malicious attachments or links.

↔ Wasted Locker – Wasted Locker is post-intrusion ransomware of the same ilk as Samsa, Maze, EKANS, Ryuk, BitPaymer. This type of ransomware differs from large-volume, victim-agnostic ransomware variants like WannaCry by targeting an organization perceived as having a large number of assets, successfully breaching it, and then deploying specially crafted ransomware to as many systems as possible within that organization in a short timeframe to maximize impact and increase chances of receiving a much larger ransom payment.
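
The two persistence locations described for Revenge RAT above (a Run key Registry entry and a shortcut in the Startup folder) can be audited on a Windows host with a short script. This is an added example, not code from Check Point or from the original article; the "review" path pattern is an assumption chosen for triage and is not an indicator taken from the report.

```powershell
# Added example: list everything that auto-starts from the Run keys and the
# Startup folders, and mark entries launching from user-writable locations.
# $reviewPattern is an assumed triage heuristic, not an IoC from the report.
$reviewPattern = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'

function Get-RunKeyEntry {
    $keys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Source = $key
                Name   = $name
                Target = [string]$item.GetValue($name)
            }
        }
    }
}

function Get-StartupFolderEntry {
    # WScript.Shell can open an existing .lnk and expose its target and arguments.
    $shell = New-Object -ComObject WScript.Shell
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        $files = Get-ChildItem -Path $dir -File -Force |
                 Where-Object { $_.Name -ne 'desktop.ini' }
        foreach ($file in $files) {
            $target = $file.FullName
            if ($file.Extension -eq '.lnk') {
                $lnk    = $shell.CreateShortcut($file.FullName)
                $target = ('{0} {1}' -f $lnk.TargetPath, $lnk.Arguments).Trim()
            }
            [pscustomobject]@{ Source = $dir; Name = $file.Name; Target = $target }
        }
    }
}

# Entries with Review = True run from a user-writable path and deserve a closer look.
@(Get-RunKeyEntry) + @(Get-StartupFolderEntry) |
    Select-Object Source, Name, Target,
        @{ Name = 'Review'; Expression = { $_.Target -match $reviewPattern } } |
    Sort-Object Review -Descending |
    Format-Table -AutoSize -Wrap
```

A flagged entry is not proof of infection, since legitimate software also starts from these paths; compare the output against a known-good baseline for the host.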
