A recently found variant of the LodaRAT malware which was previously known for targeting Windows devices, is remaining distributed in an ongoing marketing campaign that now also hunts down Android products and spies on victims. Along with this, researchers have also detected an updated version of LodaRAT targeting windows. Experts have noticed both the versions in the current campaign concentrating on Bangladesh.
LodaRAT is basically a remote access trojan (RAT) that was first discovered in 2016 with a variety of capabilities for spying on victims, such as recording the microphones and webcams of victims’ devices. “Loda” refers to a directory to which the malware author chose to write keylogger logs.
The ongoing campaign indicates an overarching shift in strategy for LodaRAT’s developers, as the attack appears to be concentrating on spying rather than its previous financial goals. The former versions of LodaRAT contained credential-stealing capabilities that researchers speculated ended up used for draining victims’ lender accounts. But the recent versions come with a comprehensive roundup of facts-gathering instructions.