A Spear Phishing attack targeting Government Agencies has been uncovered by Symantec Security Researchers. The emails with the subject related to recent hot media topic "NSA surveillance program PRISM" have three attachments.
What's interesting about the attachment is one of the attachment is a JAR file which is nothing but a Java based Remote Administration Tool(RAT). The other attachments are two non-malicious PDF files.
Once victim opened the JAR file, the java applet will run in the victim's system which is capable of giving full control of the compromised system to the Cybercriminals.
|Java RAT builder control panel- Image Credits: Symantec|
As we all know, the Java is platform independent language, the applet can run not only windows but also but also Linux, Mac OSX, FreeBSD, Solaris and Any operating system that supports java.
According to Symantec report, most of the target of this malware are located in United States. Symantec now detects this threat as Backdoor.Jeetrat.