If your laptop or desktop is running Windows, you might want to make sure you’re up and running with thelatest version of the operating systemand yourantivirus software. Researchershave discovereda new strain of the “NanoCore” remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.
While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus “Urgent”phishing emailsthat typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.
Once NanoCore 1.2.2 is deployed, hackers can remotely shut down and restart a PC, access files, the registry editor, control the mouse, open webpages, and even encrypt a PC with ransomware software. Even worse, hackers could disable the webcam lights on a PC and listen to or watch unsuspecting users every move.
Although it appears NanoCore v1.2.2 must first be downloaded to a PC by unsuspecting users to spread its true impact,Forbes is warningthat Windows users should still “Update Now” to avoid it. If you’re concerned, you cando this through Windows Update.
Still, a rise in the use of this particular version of NanoCore was first discovered in April, and it is especially dangerous since it is heavily modified. Unlike most trojans, this strain of NanoCore can be controlled with an easy-to-understand interface.
“Once downloaded from the Dark Web, the NanoCore RAT is controlled through a user-friendly interface. This lowers the barrier for entry and enables even the most amateur hackers to weaponize emails and kick off their own campaigns,” said security experts atLmntrix Labs.
The spread of NanoCore v1.2.2 comes just a few weeks after security researchers found aseparate security issuewith the BIOS and drivers in newer Windows PCs. While some vendors have since patched this, according toMSPoweruser, hackers could also still be leveraging a flaw in the patch on Windows devices with older Intel CPUs to spread and deploy NanoCore 1.2.2.
