08/05/2021 | News release | Distributed by Public on 08/05/2021 08:37
njRAT, also known as Bladabindi, is a remote access Trojan (RAT) that was first discovered in 2012. This tool was developed by a threat actor group known as Sparclyheason and used in attacks targeting organizations in Middle Eastern countries. The backdoor has been widely available since its source code was leaked in May 2013. The RAT is popular with experienced threat actors and amateurs alike.
Most commonly, njRAT is delivered through weaponized documents as part of phishing campaigns. It can also be found masquerading as legitimate or cracked software on file-sharing websites, or delivered through drive-by downloads.
Once deployed to a victim's machine, njRAT can perform surveillance or even take control of the infected system. The malware's capabilities include logging keystrokes, capturing screenshots, stealing passwords, exfiltrating data, accessing web cameras and microphones, and downloading additional files.
The BlackBerry Research & Intelligence Team has analyzed the attack methods used by this threat, and in addition to recommending basic cyber hygiene steps, strongly urges BlackBerry customers to ensure their systems have the following BlackBerry® Cyber Suite components enabled with a blocking policy to detect threats that trigger the specific rules noted below.
BlackBerry Cyber Suite and BlackBerry Guard stop these attacks.
BlackBerry customers can feel confident that our AI-driven BlackBerry Cyber Suite and our Managed Detection & Response (MDR) solution, BlackBerry® Guard, are well-equipped to mitigate the risks posed by njRAT malware:
Prevention First
At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill-chain.
By stopping malware at this stage, BlackBerry® solutions help organizations increase their resilience. They also help reduce infrastructure complexity and streamline security management to ensure your business, people, and endpoints are secure.
BlackBerry Assistance
The BlackBerry Incident Response team can work with organizations of any size and across any vertical to evaluate and enhance their endpoint security posture and proactively maintain the security, integrity, and resilience of their network infrastructure.
For emergency assistance, please email us at [email protected], or use our handraiser form.
Learn more about the latest cybersecurity threats and threat actors in the BlackBerry 2021 Annual Threat Report.
The BlackBerry Research and Intelligence team examines emerging and persistent threats, providing intelligence analysis for the benefit of defenders and the organizations they serve.