According to InfoArmor, the notorious government computer malware GovRAT has been tactically upgraded. The Remote Access Trojan packs 11 high-profile advancements, according to its feature list. However, researchers are not solely concerned with the updates to the malware. Its improved accessibility is a major threat to government organizations in the US. GovRAT v2.0 is openly available for purchase starting at $1,600.
In November 2015, InfoArmor published a warning upon discovering GovRAT on the Hell Forum and TheRealDeal marketplace. After the piece was published, the developer changed his pseudonym from bestbuy to Popopret. As revealed in the GovRAT v2.0 discovery paper, InfoArmor still connected the dots.
Popopret is now working with PoM (Peace_of_Mind), another famed hacker. PoM is behind the latest Yahoo, LinkedIn, Tumblr, and VK data breaches. This time, PoM is selling dumps of credentials from government employee email addresses. According to InfoArmor, the list is needed to target government officials. PoM’s files aid in distributing the malware as an email attachment. Alternatively, the files can be used to lure victims to a website that infects the target’s machine with