QRat Malware Has an Email Offer

The Quaverse Remote Access Trojan, affectionately dubbed QRat, has been with us since at least 2015.
From an attacker’s point of view it’s a good piece of malware: it’s notoriously difficult to detect, and it captures high-value information such as passwords, sensitive files, screenshots, and more.
In addition to remotely offloading files, hackers can assume complete control over any infected system. In the malware world, it doesn’t get much better than that. This year, cybersecurity professionals have discovered a new campaign that they’re describing as “significantly enhanced.”
It’s common knowledge that hackers and scammers rely on social engineering techniques to entice email recipients to click on links embedded in their messages or open files they have attached. These are the most common ways that malware finds its way onto targeted systems.
In this case, the hackers rely on greed and the realities of the economic hardships caused by the COVID-19 pandemic. The email carrying the QRat malware offers the recipient a loan with “a good return on investment,” and comes with an attachment that claims to be a video message from President Donald Trump.
Anyone foolish enough to click on the “video message” attached to the QRat email (which isn’t a video and contains no message from Trump or anyone else) will wind up with the QRat malware installed on their system.
If a recipient stopped to think about the QRat email message and the purported attachment, they’d almost certainly not click on the “video file.” But part of the magic of social engineering lies in the fact that the message creates a self-contained reality that sucks the reader in. In this case, it goes something like this: “Times have been hard. The pandemic has put me in a financial bind. Here’s a loan that promises to be a ‘good investment,’ and the President apparently supports it. Okay, I want to know more.”
Objectively, there’s no good reason why the QRat Malware email should work, but it does. Be on the alert for it and make sure your employees are aware of the threat.