Analysis of Remote Access Trojans helps understand third-party business risk

Remote Access Trojans (RATs) are often used to steal information from enterprise networks. By looking at network metadata, analysts at threat intelligence firm Recorded Future have been able to identify RAT command-and-control (C2) servers, and more crucially, which corporate networks are communicating to those controllers. This offers insight about third-party organizations that Recorded Future clients can use to get a better understanding of potential third-party risk to their own data. The research identified active malware controllers for 14 malware families between December 2, 2018 and January 9, 2019. It then focused analysis on a subset of malware -- Emotet, Xtreme RAT,… [Continue Reading]