U.S. law enforcement has been alerted to the use of the Remcos RAT in multiple global hacking campaigns, according to Cisco’s Talos Security Intelligence and Research Group. The ads say Remcos Remote Access Tool is legal IT management software. But the RAT allows a user to sneak malware by security products and then secretly surveil a targeted computer. Remcos itself is sold by a German-registered company, Breaking Security, that markets it as a legitimate way to remotely access computers. However, the software has been spotted in hacking campaigns targeting defense contractors in Turkey, news agencies, diesel equipment manufacturers, airlines and energy sector companies. “What we found here is a piece of software being used by bad guys in a lot of different places,” Cisco Talos director Craig Williams told CyberScoop. “They sell a crypter attempting to make the malware undetectable, a keylogger payload, a mass mailer to mail it out and they even have […]
The post Talos: Remcos software is a surveillance tool posing as legitimate software appeared first on Cyberscoop.
Continue reading Talos: Remcos software is a surveillance tool posing as legitimate software→