Researchers uncovered a new malware named BIOPASS RAT that targets gambling companies in China using watering hole attacks to exfiltrate data and gain remote access to the system by executing shell commands.
A watering hole attack is a type of cyberattack that targets groups of users by infecting websites that they commonly visit, and also by redirecting victims via phishing emails and spam email campaigns.
The attack tricks users into downloading the initial stage of the malware loader through a legitimate installer posing as a well-known app such as Adobe Flash Player or Microsoft Silverlight.
BIOPASS RAT loads 2 different modules, either Cobalt Strike shellcode or a previously undocumented backdoor, and has the ability to steal web browser data or IM client data.
An interesting capability of the malware is that it can sniff its victim’s screen by abusing the framework of Open Broadcaster Software (OBS), a popular live streaming and video recording app.
Researchers…