10/15/2021 | News release | Distributed by Public on 10/15/2021 06:25
STRRat is a Java-based Remote-Access Trojan (RAT) that has a plethora of malicious functionalities, focusing primarily on information stealing and backdoor capabilities. It gathers credentials from browsers and email clients, and has online and offline keystroke logging abilities.
STRRat can also mimic a ransomware attack. No files are encrypted; the malware just appends the file extension ".crimson" while opening Notepad to display a false ransom note.
Observed in the wild since mid-2020, the initial infection vector for STRRat is typically a malicious attachment masquerading as a business document or a receipt/purchase order, delivered via email. This threat previously relied on a victim having a Java Runtime Environment (JRE) already present on their device. The malware now either deploys its own JRE instance or contains initial stage checks for the presence of a valid Java version.
BlackBerry Cyber Suite and BlackBerry Guard stop these attacks.
BlackBerry customers can feel confident that our AI-driven BlackBerry® Cyber Suite, as well as our Managed Detection & Response (MDR) solution BlackBerry® Guard, and our Zero Trust Network Access solution BlackBerry® Gateway, are all well-equipped to mitigate the risks posed by threat actors:
At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill-chain.
By stopping malware at this stage, BlackBerry® solutions help organizations increase their resilience. This approach also helps to reduce infrastructure complexity and streamline security management, ensuring your business, people and endpoints are secure.
The BlackBerry Incident Response team can work with organizations of any size and across any vertical, to evaluate and enhance their endpoint security posture and proactively maintain the security, integrity, and resilience of their network infrastructure.
Learn more about STRRat in our deep dive blog, Threat Thursday: STRRat Malware.
The BlackBerry Research & Intelligence team examines emerging and persistent threats, providing intelligence analysis for the benefit of defenders and the organizations they serve.