![njRAT dominates Nascent Middle East Cybercrime Scene – Symantec njRAT dominates Nascent Middle East Cybercrime Scene – Symantec](https://varindia.com/public/index.php/storage/news/uploads/2014/04/SYMANTEC.jpg)
Symantec has observed the growth of indigenous groups of attackers in the Middle East, centered around a simple piece of malware known as njRAT. While njRAT is similar in capability to many other remote access tools (RATs), what is interesting about this malware is that it is developed and supported by Arabic speakers, resulting in its popularity among attackers in the region.
The malware can be used to control networks of computers, known as botnets. While most attackers using njRAT appear to be engaged in ordinary cybercriminal activity, there is also evidence that several groups have used the malware to target governments in the region.
Symantec has analyzed 721 samples of njRAT and uncovered a fairly large number of infections, with 542 control-and-command (C&C) server domain names found and 24,000 infected computers worldwide. Nearly 80 percent of the C&C servers were located in regions in the Middle East and North Africa, including Saudi Arabia, Iraq, Tunisia, Egypt, Algeria, Morocco, the Palestinian Territories and Libya.
njRAT is not new on the cybercrime scene. It has been publicly available since June 2013 and three versions have already been released, all of which can be propagated through infected USB keys or networked drives.
The main reason for njRAT’s popularity in the Middle East and North Africa is a large online community providing support in the form of instructions and tutorials for the malware’s development. The malware’s author also appears to hail from the region.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.