Scary New Malware is Targeting US Government Employees

Scary New Malware is Targeting US Government Employees

It’s no secret that malware targets people in important positions. According to a new report, a frightening new malware is targeting influential people in the US government.

The new “GovRAT” malware is specifically designed to bypass antivirus tools – including the ones used by US government employees. The malware has also been labeled as “tough to detect” and “aggressive in its mission to steal sensitive files”.

The malware was discovered by security firm InfoArmor.  That company actually published details on GovRAT last November – but it’s becoming more and more prevalent in 2016.

The makers of GovRAT came out with a second version of the virus earlier this year. Just like the original, this new virus avoids detection by using stolen digital certificates – so your computer checks the virus, sees its “legitimate”, and then moves on.

InfoArmor has released a new report that deals specifically with the new version. Some of the scary new features in the malware includes a function to secretly monitor network traffic over the victim’s computer – which opens some scary possibilities.

“If you’re downloading something from a particular resource, the hackers can intercept the download and replace it with malware,” said InfoArmor CIO Andrew Komarov on Friday in a statement to PCWorld.com.

The Virus Has Attacked At Least 15 Governments, 7 Financial Institutions, and Over 100 Corporations

This isn’t some theoretical malware that only exists in a lab: it’s a real-world virus that has directly led to some real-world problems.

According to the InfoArmor report, the virus has already attacked at least 15 governments around the world, as well as 7 financial institutions and over 100 corporations.

The number of GovRAT victims continues to grow – mostly due to huge sales on the online black market. InfoArmor claims the malware is selling like hotcakes on Hell Forum, a black market website where malware is bought and sold.

govrat-2

33,000 Online Accounts Stolen, Including US Government Employee Records

GovRAT has the potential to infect victims all over the world. However, it’s proven to be particularly problematic for the US government.

When you buy GovRAT on the black market, you’ll also receive a stolen database of 33,000 internet accounts, many of which belong to employees of the US government.

Those internet accounts include sensitive information – like hashed passwords, email addresses, full names, and addresses.

How Do Hackers Attack the US Government?

Hackers will typically use the account information listed above to target specific US government employees. Attacks typically take place in the form of phishing emails or drive-by downloads.

Nicely enough, InfoArmor has actually alerted the US government about the problem. However, even they admit that they don’t know how many US government agencies have been attacked – although they do claim targets include defense and military departments.

There’s also evidence that GovRAT was designed specifically for long-term cyberespionage operations – which opens the possibility that it was developed by state-sponsored individuals.

To avoid this GovRAT malware, make sure your antivirus software is up to date. Or, consider installing anti-malware, PC optimization software like Total System Care for additional support.

user-gravatar
Andrew
No Comments

Sorry, the comment form is closed at this time.