AlienSpy RAT subscription malware has gnawed away at over 400,000 victims
Being sold online as 'malware-as-a-service'
The AlienSpy RAT (Remote Access Tool) has been making some major waves it would seem, at least according to the findings of a pair of researchers from security company Kaspersky.
As ZDNet reports, over at Kaspersky's Security Analyst Summit in Tenerife, Vitaly Kamluk and Aleks Gostev announced that AlienSpy has been responsible for at least 400,000 attacks on corporate and private targets across various industries including the finance world, engineering, education and government.
Most of the organisations hit have been small to medium-sized businesses, though.
AlienSpy – which is known by a number of other names including Adwind, JSocket and Sockrat – was highlighted by Kaspersky when it was used in a spear phishing attack on a bank in Singapore.
RAT for hire
It's written in Java so it's cross-platform, and it's for sale as a 'malware-as-a-service' platform with an online subscription model – including rudimentary technical support – making it usable by amateur cybercriminals.
The malware is particularly dangerous because of how easy it is to get going with it, along with the fact that it can compromise Windows, OS X and Linux systems.
It's capable of being used for remote desktop control and siphoning off data such as keystrokes, cached passwords and data from web forms, and can be used to snap screenshots of the desktop or pictures/video from webcams, and much more.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The online subscription site apparently had around 1600 registered users as of December last year, giving the operators an annual income of around $200,000 (about £140,000, AU$285,000), Kaspersky estimates.
Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).