HP Threat Research dubbed the new, evasive loader “RATDispenser,” with the malware responsible for deploying at least 8 different malware families in 2021. Around 155 samples of this new malware have been discovered, spread across 3 distinct variants, hinting that it is under active development.
“RATDispenser is used to gain an initial foothold on a system before launching secondary malware that establishes control over the compromised device,” security researcher Patrick Schläpfer said. “All the payloads were RATs, designed to steal information and give attackers control over target devices.”
RATDispenser has been observed dropping different kinds of malware, including STRRAT, WSHRAT (aka Houdini or Hworm), AdWind (aka AlienSpy or Sockrat), Formbook (aka xLoader), Remcos (aka Socmer), Panda Stealer, CloudEyE (aka GuLoader), and Ratty, each of which is equipped to siphon sensitive data from compromised devices, in addition to targeting cryptocurrency wallets.
“The variety in malware families, many of which can be purchased or downloaded freely from underground marketplaces, and the preference of malware operators to drop their payloads, suggest that the authors of RATDispenser may be operating under a malware-as-a-service business model,” Schläpfer said.