
Parallax RAT

Posted: February 14, 2020

The Parallax RAT is a Remote Access Trojan that can give attackers control over your computer. Because the Trojan is available on a for-hire basis, its infection methods and goals can vary between attacks. As usual, it has capabilities suitable for dropping other threats or collecting data. Users should protect themselves with all appropriate security protocols and let their updated anti-malware software remove the Parallax RAT when required.

A Dirty RAT with Many Coats

Users who believe everything they see in the files they download are soft and lucrative targets for a variety of cyber-threats, including file-locker Trojans, spyware, Web tactics, and Remote Access Trojans. A new version of the latter, also known as a Remote Access Tool, is getting underway under a multitude of disguises. While the Parallax RAT is a mercenary Trojan for hire, its uniform is anything that gets the victim to download it.

The Remote Access Trojan, an administrative tool for compromising and maintaining control over Windows computers remotely, is for sale on Black Hat websites and forums. Different samples bear various misleading names and credentials. Three current examples that malware experts point out include:

  • 'SVCR,' a fake Windows component.
  • Media such as news articles related to the Coronavirus outbreaks.
  • Components related to software for the 'Interop' information tech conference.

There are also cases of Parallax RAT executables signed with digital certificates. Such an inclusion enhances the Trojan's stealth and detection avoidance; it's an unexpected expenditure for Trojan campaigns and is generally the hallmark of higher-level threats and well-funded threat actors. Readers should note that these disguises apply only to the initial installation exploits and are unhelpful for identifying system-persistent infections visually.

The Many Parallels between the Parallax RAT Business and Its Forebears

Remote Access Trojans tend towards well-explored means of exerting control over PCs and other devices at the behest of their ill-minded administrators. Hazards that malware experts recommend expecting from Parallax RAT infections include:

  • The collecting of credentials such as passwords from browsers.
  • Keylogging (recording keyboards' keystrokes to a log).
  • The downloading and installation of specialized secondary threats.
  • Attackers deleting, moving or opening files at their leisure.

Meanwhile, the goals of each campaign may differ; for instance, the Parallax RAT is equally suitable for enabling attacks that ransom files, mine for cryptocurrency, or collect passwords.

While the Parallax RAT is a general-purpose, Swiss Army Knife of a program, its current deployments use spam e-mails for circulation. Users should watch for Excel spreadsheet attachments that carry reader-activated macros for their drive-by-download attacks. Up-to-date spreadsheet and document software should ordinarily leave macros inactive. Current attacks are also business-themed and include fake references to product management demands and the Netflix streaming service.
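As an added example (not code from the original article), the following Python sketch shows how a mail filter or analyst could flag attachments that carry VBA macros before a user opens them. It goes slightly beyond Excel by checking any Office attachment by content rather than by extension; the function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .xls/.doc container

def has_vba_macros(data: bytes) -> bool:
    """True if the bytes look like an Office file that carries a VBA project."""
    if data.startswith(OLE2_MAGIC):
        # OLE2 directory entries store stream names as UTF-16LE.
        return "_VBA_PROJECT".encode("utf-16-le") in data
    if data.startswith(b"PK"):  # OOXML (.xlsm, .xlsb, ...) is a ZIP archive
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as z:
                return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
        except zipfile.BadZipFile:
            return False
    return False

def macro_attachments(raw_message: bytes) -> list[str]:
    """Return filenames of attachments in an RFC 5322 message that carry VBA."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.walk():  # walk() also reaches nested multiparts
        name = part.get_filename()
        if name and has_vba_macros(part.get_payload(decode=True) or b""):
            flagged.append(name)
    return flagged

def sample_message(with_macro: bool) -> bytes:
    """Constructed sample e-mail; the 'macro' is placeholder bytes, not real VBA."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            z.writestr("xl/vbaProject.bin", b"constructed placeholder")
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "Constructed sample", "a@example.com", "b@example.com"
    msg.set_content("See attached.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="octet-stream",
                       filename="invoice.xlsm" if with_macro else "report.xlsx")
    return msg.as_bytes()

if __name__ == "__main__":
    print(macro_attachments(sample_message(True)))
    print(macro_attachments(sample_message(False)))
```

This check covers VBA projects only; Excel 4.0 (XLM) macro sheets are stored differently and need a separate test.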

Despite the certificates in some versions, more anti-malware brands than not are identifying the Parallax RAT. Scan your computer as soon as possible after suspected exposure to remove the Parallax RAT before changing passwords and re-securing the PC.

The Parallax RAT is capitalism at its darkest: a business that profits off of selling threatening software to criminals. The results are still under investigation, but can't be any better than the consequences of competing RATs like Saefko, the WSH RAT and countless others.
