One Article Review
| Source |  TrendLabs Security |
|---|---|
| Identifiant | 1175 |
| Date de publication | 2016-05-03 19:00:34 (vue: 2016-05-03 19:00:34) |
| Titre | Lost Door RAT: Accessible, Customizable Attack Tool |
| Texte | We recently came across a cyber attack that used a remote access Trojan (RAT) called Lost Door, a tool currently offered on social media sites. What also struck us the most about this RAT (detected as BKDR_LODORAT.A) is how it abuses the Port Forward feature in routers. Using this feature enables remote systems to connect to a specific computer or service within a private local-area network (LAN). However, when used maliciously, this feature allows remote attackers to mask their activities in the network and avoid immediate detection. Because this RAT is easy to customize, even knowledge of the indicators of compromise (which may change as a result) may not be sufficient in thwarting the threat. Easily customizable RATs like Lost Door can be hard to detect and protect against, posing a challenge to IT administrators.Its maker, “OussamiO,” even has his own Facebook page where details on his creation can be found. He also has a dedicated blog (hxxp://lost-door[.]blogspot[.]com/) where tutorial videos and instructions on using the RAT is found. Any cybercriminal or threat actor can purchase and use the RAT to launch attacks.Post from: Trendlabs Security Intelligence Blog - by Trend MicroLost Door RAT: Accessible, Customizable Attack Tool |
| Envoyé | Oui |
| Condensat | about abuses access accessible across activities actor administrators against allows also any area attack attackers attacks avoid because bkdr blog blogspot called came can challenge change com/ compromise computer connect creation currently customizable customize cyber cybercriminal dedicated details detect detected detection door easily easy enables even facebook feature forward found from: hard has his how however hxxp://lost immediate indicators instructions intelligence its knowledge lan launch like local lodorat lost maker maliciously mask may media microlost most network not offered own page port posing post private protect purchase rat rat: rats recently remote result routers security service sites social specific struck sufficient systems threat thwarting tool trend trendlabs trojan tutorial use used using videos what when where which within “oussamio |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.