jRAT += Houdini: New Year 2019

In the late evening of 08-01-2019 a phishing document related to the Ministry of Defense of Turkey has been captured in the wild and caught my attention (md5: 0d3b1c3c4287fe12399dc29d88905e9c). Further investigations led to believe that a new malicious campaign aimed to the spreading of HWorm + jRat variants is raising up in these last days. Insights The phishing document (md5: 0d3b1c3c4287fe12399dc29d88905e9c) tries to attract the curiosity of the potential victims through a file name that … [Read more]