Saturday, January 16, 00:49
Home security Hackers target other hackers through trojanized hacking tools

Hackers target other hackers through trojanized hacking tools

In recent years, one mysterious hacking team creates trojanized hacking tools, which are aimed at infecting fellow hackers for the purpose of acquisition access to computers their.

According to a company report Cybereason, trojanized tools are infected with a version of it nRAT malware, which allowed the hacking team to gain access to systems other hackers.

"To me, it seems that an individual or a group of people has found a smart way to acquire access on more machines, "said Amit Serper, a Cybereason executive.

"Instead of directly violating the machines, they choose to infect the tools, there they are circulate for free and hack people who use them, "said Serper, referring to an already well-known tactic where hackers steal data that have been hacked by rivals.

Thousands of trojanized hacking tools have been around for years

Serper said the Cybereason Nocturnus investigation team has identified it over 1.000 samples of njRAT, but he believes there are many more that have not yet been discovered.

Trojanized tools have been around for many years, but Serper says this mysterious hacking team creates and releases new versions of the tool almost daily.

According to Cybereason, backdoored tools are freely available on hacking forums and blogs. Some of the trojanized apps are common hacking tools, while others are cracks programs, which allow wannabe hackers to use hacking tools without paying.

The trojanized tools that Cybereason found include site scrapers, exploit scanners, Google dork generators, tools for performing automatic SQL infections, tools for brute-force attacks and tools to verify their validity credentials that have leaked.

The word 'password' is pictured on a computer screen in this picture illustration taken in Berlin May 21, 2013. The Financial Times' website and Twitter feeds were hacked May 17, 2013, renewing questions about whether the popular social media service has done enough to tighten security as cyber-attacks on the news media intensify. The attack is the latest in which hackers commandeered the Twitter account of a prominent news organization to push their agenda. Twitter's 200 million users worldwide send out more than 400 million tweets a day, making it a potent distributor of news. REUTERS / Pawel Kopczynski (GERMANY - Tags: CRIME LAW SCIENCE TECHNOLOGY) - RTXZUYO

In addition, Cybereason found trojanized versions of the browser Chrome.

According to Serper, many of the trojanized apps were linked to two domains. One of them, the, has been registered with one's credentials Vietnamese citizen.

Many times, information about domain owners is misleading, especially when domain is used in malicious campaigns. However, Serper said that many of the trojanized hacking tools downloaded on VirusTotal, came from a Vietnam IP address.

According to Serper, the hacking team appears to be testing its malware detection rate on VirusTotal before releasing it in hacking forums, blogs, etc.

The use of Vietnamese IP in downloads on VirusTotal, in combination with domain data, is a strong indicator that the gang is actually coming from Βιετνάμ.

Old tactic

As we said above, the tactic of hacking tools infection and providing them for free is a well-known tactic. Many hackers have used it in the past.

This is a fairly simple way of gaining access to violated people data, without resorting to other sophisticated hacking methods. Hackers spreading trojanized tools, let other hackers download the tools, wait a few weeks to collect enough data and then steal it using a backdoor, in this case the trojan njRAT.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Android: How to see which apps have access to your site

It's no secret that smartphone apps have access to many permissions - if you let them. It is important to make sure ...

Canon lets you take pictures from space

Instead of releasing new cameras for CES 2021, Canon is doing something different: It lets you take pictures from space ....

Wikipedia vs Big tech: Who fights misinformation?

As Election Day turned into US Election Week, Facebook, Twitter and YouTube were trying to prevent ...

Tesla: It is called to recall cars due to problematic screens

The touch screen in some Tesla cars seems to have a problem, which could ...

Ransomware is responsible for half of all data breaches in hospitals

Almost half of the data breaches committed in hospitals and the wider healthcare sector are due to ransomware attacks, ...

Astronomers have just found the oldest oversized black hole

A quasar was discovered in a dark corner of space - over 13,03 billion light-years away - and contains a ...

What are the best and most affordable 5G phones for 2021

The market will soon be flooded with mid-range 5G devices. Everything that happens will be really exciting: you will be able to ...

Verified Twitter accounts in a cryptocurrency scam with the name of Elon Musk violated!

Lately, hackers have been violating verified Twitter accounts in a cryptocurrency giveaway scam, in which the name of the CEO is used ...

Classiscam: Fraudsters "fake" brands and deceive users of European markets!

Dozens of criminal gangs publish fake ads in popular online markets, to attract unsuspecting users to "fraudulent" commercial sites or phishing ...

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...