Friday, March 9, 2018

REMCOS Remote Administration Tool

REMCOS is a new, publicly available Remote Administration Tool (RAT) that has become popular with hackers. Since January 2018, over 14 hundred samples were submitted to Virus Total, indicating the RAT is growing in popularity. Recent changes to Tactics, Techniques, and Procedures (TTP) include embedding payloads in MP3 and JPEG files; resulting in little to no Antivirus (AV) detections and significantly increasing the likelihood for infections. The malware in this report downloads payloads embedded in other files with little or no current detections, which may indicate the possibility of a high infection rate...READ MORE

Wapack Labs has cataloged and reported on Remote Administration Tools in the past. An archive of related reporting can be found in the Red Sky Alliance portal.