GovRat resurges to threaten government, military in version 2.0

The cyberespionage tool GovRat has made a comeback threatening US military and government. Although attacks linked to the malware go back to 2014, it was only discovered last year by InfoArmor.
GovRat was developed by a hacker called “bestbuy” and was available for purchase for 4.5 bitcoins on The Real Deal market. Researchers believe the cybercriminal responsible for GovRat is part of a larger group “selling stolen and fake digital certificates for mobile and PC-based malware code-signing, used to bypass modern AV solutions for other possible APT campaigns.” Members are believed to be behind the attacks on Ashley Madison and AdultFriendFinder.
The hacker has now released a new and more sophisticated version – GovRat 2.0. “After my rat was used for some high profile hacks, I have decided to re-write the code to ensure it remains FUD,” he wrote on the forum.
The malware is “100% FUD – tested with the strictest firewall policies and AV rules.” Features include network shares and password dumping, Tor support, worm capabilities, keylogging, cleartext network and a password sniffer. The malware can”t be blocked as it uses Windows APIs to communicate, and it can spread via USB and network shares. The most recent version can be purchased on Hell Forum at prices from $1,000 to $6,000, depending on the modules.
Bestbuy is believed to also be working with Peace, aka Peace_of_Mind, the hacker who launched attacks on LinkedIn and Yahoo, who may have provided him with 33,000 credentials from educational and research organizations, as well as US government.
tags
Author
Right now
Top posts
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022