Cybersecurity researchers at Trustwave identified a new malspam campaign while reviewing a spam trap. The campaign distributes a remote access Trojan (RAT) through files that claim to contain a sex scandal video of the former U.S. President Donald Trump.
According to the report, the security experts investigated further and determined that the attachment is a modified version of the QRAT downloader. The experts also noted that the emails, which carry the subject line “GOOD LOAN OFFER!!”, come with a Java archive (JAR) file named “TRUMP_SEX_SCANDAL_VIDEO.jar.”
When this video gets downloaded, it starts installing Qua or Quaverse RAT (QRAT) onto the infiltrated system. The security experts affirmed that this technique is one of the most advanced attempts by threat actors to affect Windows computers using this tried-and-trusted method.
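A mail-gateway style check for the delivery pattern described above, as an added example that is not from Trustwave's report: it flags attachments that are JAR files by content (a ZIP archive with a Java manifest) or by extension. Only the subject line and file name come from the article; the addresses, helper names and the harmless stand-in archive are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def looks_like_jar(data: bytes) -> bool:
    """True if data is a ZIP archive that carries a Java manifest."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.upper() == "META-INF/MANIFEST.MF" for n in zf.namelist())
    except zipfile.BadZipFile:
        return False

def jar_attachments(raw: bytes) -> list:
    """Return (subject, filename, reason) for every JAR-like attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "")
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if looks_like_jar(data):              # also catches renamed archives
            hits.append((subject, name, "jar-content"))
        elif name.lower().endswith(".jar"):   # extension only, payload not a valid JAR
            hits.append((subject, name, "jar-extension"))
    return hits

def build_sample(subject: str, filename: str, payload: bytes) -> bytes:
    """Constructed test message; the addresses are placeholders."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "trap@example.com"
    m["Subject"] = subject
    m.set_content("See attached.")
    m.add_attachment(payload, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

def benign_jar() -> bytes:
    """Constructed, harmless archive that contains only a manifest."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return buf.getvalue()

if __name__ == "__main__":
    raw = build_sample("GOOD LOAN OFFER!!", "TRUMP_SEX_SCANDAL_VIDEO.jar", benign_jar())
    for hit in jar_attachments(raw):
        print(hit)
```

Checking content as well as the extension matters because an archive renamed to something like `.pdf` would pass a filename-only filter.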
Malspam
The emails have a subject line, “GOOD LOAN OFFER!!”, that initially seems like an…