Hackers hit with malware-ridden tools

Researchers uncover campaign targeting other hackers and the networks they've accessed

Security researchers have discovered a campaign where hackers themselves have become targets with malware-ridden tools offered online.

These tools enable an attacker to take full access of a victim's computer once unwittingly opened, according to Amit Serper from Cybereason

Serper has been investigating a campaign that's been running for years and found that hackers were taking existing tools and injecting them with remote-access trojan malware.

Related Resource

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Some of the tools were designed to harvest data through via product key generators. 

Advertisement - Article continues below

These were being repackaged and placed online, on forums and websites, to 'bait' other hackers in the hope that once in their systems, they would find backdoors into the networks they had hacked themselves. 

The tools have been infected with njRat, a new strain of trojan which gives the attacker full access to the victim's computer, their files, passwords and even their webcam and microphone. 

The njRat trojan is often spread through phishing emails and infected flash drives, but according to Serper, the malware has been embedded on to dormant or insecure websites. According to his research, these hackers have compromised several websites and are building new variations of the tools on a daily basis.

While hackers getting hacked may sound like a comeuppance, it's most likely fueling more criminal activity, according to Jake Moore, cyber security specialist at ESET. He suggests this could easily spread to a wider audience than just those intended. 

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"Once campaigns like this are released into the wild, they inevitably end up being used by other threat actors, which increases the number of targets on a wider scale," he said. 

"Whilst the actors behind these campaigns may not be thinking about how moral such activities are, it highlights that even criminal hackers are susceptible to foul play and are vulnerable to impressive attacks."

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

30 Jun 2020
Visit/security/ethical-hacking/356252/poorly-secured-banking-apps-lead-to-cyber-threats
ethical hacking

Mobile banking apps are exposing user data to attackers

26 Jun 2020
Visit/security/malware/356231/most-malware-came-through-https-connections-in-q1-2020
malware

Most malware came through HTTPS connections in Q1 2020

25 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020