If your laptop or desktop is running Windows, you might want to make sure you’re up and running with the latest version of the operating system and your antivirus software. Researchers have discovered a new strain of the “NanoCore” remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.
While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus “Urgent” phishing emails that typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.
Once NanoCore 1.2.2 is deployed, hackers can remotely shut down and restart a PC, access files, the registry editor, control the mouse, open webpages, and even encrypt a PC with ransomware software. Even worse, hackers could disable the webcam lights on a PC and listen to or watch unsuspecting users every move.
Although it appears NanoCore v1.2.2 must first be downloaded to a PC by unsuspecting users to spread its true impact, Forbes is warning that Windows users should still “Update Now” to avoid it. If you’re concerned, you can do this through Windows Update.
Still, a rise in the use of this particular version of NanoCore was first discovered in April, and it is especially dangerous since it is heavily modified. Unlike most trojans, this strain of NanoCore can be controlled with an easy-to-understand interface.
“Once downloaded from the Dark Web, the NanoCore RAT is controlled through a user-friendly interface. This lowers the barrier for entry and enables even the most amateur hackers to weaponize emails and kick off their own campaigns,” said security experts at Lmntrix Labs.
The spread of NanoCore v1.2.2 comes just a few weeks after security researchers found a separate security issue with the BIOS and drivers in newer Windows PCs. While some vendors have since patched this, according to MSPoweruser, hackers could also still be leveraging a flaw in the patch on Windows devices with older Intel CPUs to spread and deploy NanoCore 1.2.2.