This 'hot or not' dating scam could seize control of your PC
Cybercriminals have repurposed the Hupigon RAT to launch adult dating attacks
Security researchers at Proofpoint have discovered that threat actors have repurposed a nearly 15-year-old attack tool called Hupigon to launch a new campaign targeting both faculty and students at colleges and universities across the US.
Hupigon is a remote access trojan (RAT) that has been around since at least 2006 and it is often associated with state-sponsored APT threat actors.
The new campaign uses a “hot or not” dating format where users must choose between one of two pictures by clicking on the link under the picture.
- Hackers infecting other hackers with remote-access trojan
- Government cash stimulus payments used as a social engineering lure by cybercriminals
- Beware these new coronavirus email scams
However, when a recipient of the malicious email clicks either link, an executable containing Hupigon begins to download. Running the downloaded file installs the RAT on their system which gives the attackers control of their PC.
Hupigon RAT
This new campaign has already delivered over 150,000 malicious messages to over 60 different industries with 45 percent focused on education, colleges and universities. Between April 14 and 15 of this year, message volumes reached approximately 80,000 messages, coinciding with an observed rotation in payload.
Hupigon has many features and capabilities and the RAT allows attackers to access an infected machine, log keystrokes, steal passwords and monitor a user's webcam which could be used later to launch sextortion attacks.
Proofpoint associates Hupigon with historic APT campaigns based on the language of the builder, open source breach reporting and multiple reports of similar APT actor behavior between 2010 and 2012.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Users can avoid falling victim to this latest campaign by monitoring their inboxes closely and not clicking on any links in emails from unknown senders.
- We've also highlighted the best antivirus software
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.