CyberNews Briefs

New Adwind RAT Variant Used Against the US Petroleum Sector

Security researchers with Netskope have uncovered a sophisticated malware campaign targeting firms in the US petroleum industry. Companies in the sector are receiving malicious phishing messages that trigger the download of a new variant of the Adwind Remote Access Trojan (RAT).

Adwind is also known as jRAT, AlienSpy, JSocket, and Sockrat. The developers of Adwind are distributing it on the dark web via a malware-as-a-service (MaaS) platform. The standard Adwind version is only capable of evading certain basic anti-malware solutions. However, according to Abhinav Singh of Netskope the newly detected variant is more sophisticated and uses “multi-layer obfuscation to try to evade detection.”

Read more: New Adwind RAT Variant Used Against the US Petroleum Sector

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.