History of the Adwind RAT malware
In 2016, Kaspersky lab reported attacks made with the Adwind Remote Access Tool (RAT), a cross-platform, multifunctional malware program also known as AlienSpy, Frutas, Unrecom, Sockrat, JSocket and jRat, which is distributed through a single malware-as-a-service platform.
One of the main features that distinguishes the Adwind RAT from other commercial malware is that it is distributed openly in the form of a paid service, where the “customer” pays a fee to use the malicious program.
According to the results of the investigation, which was conducted between 2013 and 2016, different versions of the Adwind malware have been used in attacks against at least 443,000 private users, commercial and non-commercial organizations around the world.
In order to protect yourself and your organization against this threat, Kaspersky Lab encourages enterprises to limit the use of Java to isolated applications that are impossible to run without the use of this platform.
In a similar way to financial operations, Java applications can be isolated with maximum security principles applied to them.
Kaspersky Lab’s solutions offer a wide variety of Application Control features to set the granular policy, and monitor and control the use of specific applications on corporate endpoints.
For a full overview of financial threats and their evolution during the last year, please read our report “Financial Cyberthreats in 2016”.