Monday, February 27, 2017

The Economical RAT: Luminosity.Link

The Luminosity.Link Remote Administration Tool (RAT) has been observed by a number of companies over the past year being spread through phishing emails. The Luminosity.Link RAT is sold openly online and contains numerous features that make it popular among cyber criminals. Luminosity.Link is designed using the .NET framework for use on Windows Operating systems. 

The Key Findings of our analysis revealed:
  • Recent samples leverage the AutoIt scripting tool
  • Luminosity.Link uses the SundownEK (Exploit Kit) for delivery
  • Luminosity.Link samples contain encrypted configurations
Luminosity.Link is an economical RAT for cyber criminals. Coupling it with Exploit Kits targeting Windows systems further increases infection success rates. We assess with high confidence that the development and use of the Luminosity.Link RAT will continue...READ MORE

Wapack Labs has extensively reported on Remote Access Tools (RAT) in the past. An archive of related reporting can be found in the Red Sky Alliance Portal. 

SERIAL: FR17-002 
COUNTRIES: Worldwide 
REPORT DATE: 20170221