A new python-based remote access Trojan has been included by some hackers to hack confidential information of people. This python-based remote access can hack passwords, documents, browser cookies, email credentials, and other sensitive information. An analysis of the same was published by the Cybereason researchers recently. The hacker group known as Evilnum has deployed a python RAT known as PyVil RAT. The RAT can gather information and even take information out of your computer with screenshots. It can also capture keystrokes data.
It is also able to open an SSH shell and deploy new tools into your software. The first report by this hacking group was reported in the year 2018. The tools of the group have evolved themselves since then. Now, they have different tools and high technological advancement. The hacks from the group have actively focused on fintech targets. The Python Scripted Remote Access Trojan can be used to spy on infected and vulnerable targets. Evilnum has undertaken several malware campaigns against the company located in the UK and Europe.
Recently in the month of July, one APT group was sending spear-phishing emails to the companies with the view of hacking confidential information. The emails consist of a ZIP file hosted on Google drive. The main objective of the file was to steal software licences and other confidential information related to credit card and investment. The statistics of the cyber attacks are increasing day by day. The way of hacking confidential information have retained the same for a long time. The procedure of hacking has changed a lot. Hackers are also seen using KYC documents to trick the employees. Now, the hackers are actively using JavaScript-based Trojans.
The exact origin of the Evilnum hacker groups is still unclear for the researchers. Although, there is quite a danger ahead for all of the big firms because there is constant improvisation in the gangs’ tactic.