Articles Trojan Alert - Borat RAT - Experts are worried...

Trojan Alert – Borat RAT – Experts are worried about the it’s functionalities


A new Trojan that provides operators with remote access (RAT) has appeared on darknet marketplaces. According to the description, the Borat malware is extremely easy to use and allows attackers to easily launch DDoS attacks, bypass User Account Control (UAC), and deploy ransomware on the victim’s network.

In addition, cybercriminals armed with Borat can gain full control over the user’s mouse and keyboard, as well as access to files. At the same time, the malware skillfully hides its presence and activity in the system. Borat allows operators to choose from several compilation options that create small payloads that target only a narrow set of tasks.

Researchers at Cyble discovered the Trojan in real attacks and analyzed its functionality.   It is not yet clear whether Borat is distributed for free or whether the authors sell it to other cybercriminals. The Cyble team noted that the malware comes as a package that includes a builder, modules, and a certificate for the server.  

The list of Trojan functions, each of which has its own module, is as follows:

Keylogger – monitors and records keystrokes, storing all this data in a TXT file.

Ransomware – deploys ransomware on the victim’s system, automatically generates a ransom note.

DDoS – sends junk traffic to the attacked server using the resources of a compromised device.

Audio stream recording – Records audio using a microphone on a compromised device, the corresponding files are stored in WAV format.

Video recording – if a camera is available on the device, the malware can record a video stream.

Remote Access РProvides remote desktop functionality to operators  

Credential Theft – Wool Chromium-based browsers, trying to pull logins and passwords.

Stealing Discord Tokens – Pulls Discord tokens from the victim’s system.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you