14 June 19, 18:56
(This post was last modified: 14 June 19, 18:58 by silversurfer.)
Quote:Security researchers have discovered an ongoing phishing campaign distributing a new remote access trojan (RAT) and actively targeting commercial banking customers with keyloggers and information stealers.
The new malware, dubbed WSH Remote Access Tool (RAT) by its creator, is a variant of the VBS (Visual Basic Script) based Houdini Worm (H-Worm) first created and spread in 2013.
Besides being ported to JavaScript and using a different User-Agent string and delimiter character when communicating with its command-and-control (C2) server, WSH RAT is basically identical to H-Worm.
"WSH is likely a reference to the legitimate Windows Script Host, which is an application used to execute scripts on Windows machines," according to Cofense's research team, the ones which discovered the new RAT.
SOURCE: https://www.bleepingcomputer.com/news/se...eyloggers/
![[-]](https://www.geeks.fyi/images/collapse.png)
