Based on Java (1.5), this malicious program hides itself in an image that displays itself as an email link. This Trojan can steal usernames, passwords and other personal data by recording keystrokes, Microsoft warns on Twitter.
The latest version (1.5) of the Java-based STRRAT malware was distributed during a major email campaign last week. This RAT is notorious for its ransomware-like behavior for adding file name extensions.Crimson without encrypting files. pic.twitter.com/mGow2sJupN
– Microsoft Security Intelligence (sMsftSecIntel) May 19, 2021
It acts like ransomware
Its mode of operation is particular. Because it acts like ransomware. So, once used, it adds the file name extension. Crimson for files on the computer but did not actually encrypt them. A question to distract the victim, he only deals with a ransomware, but not a remotely operating Trojan.
To spread, the malware can be relied upon to distribute payment emails to the victim. To find the amount, you are asked to click on what looks like a link in PDF format. Once the victim opens the file, they download the malware and the hacker can access their computer, watch out for our colleagues.
The campaign still seems to be going on. Hackers can extend it to various data collected that allow access to victims’ emails.
The best way to protect yourself from STRRAT is not to click on the image that acts as the link. It is good to be wary of any emails that the reporter does not know, especially if the subject is financially gainful. Installing an antivirus that scans email will also protect against attacks.
“Avid writer. Subtly charming alcohol fanatic. Total twitter junkie. Coffee enthusiast. Proud gamer. Web aficionado. Music advocate. Zombie lover. Reader.”