Parallax RAT Payload After Hacker Forums Promotion: Tenable Comments
According to an article inBleeping Computer, a remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system.
Gavin Millard, VP of Intelligence at Tenable comments on the Trojan.
“Parallax is an extremely dangerous remote access Trojan, given the range of commands that can be executed post compromise – such as credential theft and even ransomware infection. However, the attack is also easily nullified.
“Typically delivered via malicious email attachments, relying on employees spotting the RAT in their mailbox and asking what they should do isn’t enough. Instead, security teams need to close off the hole it exploits – a two year old Microsoft Office vulnerability [CVE-2017-11882] for which an update exists, and has done since November 2017.
“CVE-2017-11882 is still an extremely popular vulnerability to exploit for delivery of ransomware and other trojans similar to Parallax, so should be identified and addressed as soon as possible. Stop this love RAT and other unsavory characters this Valentine’s Day by fixing your flaws they use to wheedle their way back into your life.”