HP Threat Research dubbed the new, evasive loader “RATDispenser,” with the malware responsible for deploying at least eight different malware families in 2021. Around 155 samples of this new malware have been discovered, spread across three different variants, hinting that it is under active development.
“RATDispenser is used to gain an initial foothold on a system before launching secondary malware that establishes control over the compromised device,” security researcher Patrick Schläpfer said. “All the payloads were RATs, designed to steal information and give attackers control over victim devices.”
RATDispenser has been observed dropping different kinds of malware, including STRRAT, WSHRAT (aka Houdini or Hworm), AdWind (aka AlienSpy or Sockrat), Formbook (aka xLoader), Remcos (aka Socmer), Panda Stealer, CloudEyE (aka GuLoader), and Ratty, each of which is equipped to siphon sensitive data from the compromised devices, in addition to targeting cryptocurrency wallets.
“The variety in malware families, many of which can be purchased or downloaded freely from underground marketplaces, and the preference of malware operators to drop their payloads, suggest that the authors of RATDispenser may be operating under a malware-as-a-service business model,” Schläpfer said.