Malware Cardinal RAT hits Israeli fintech and crypto trading firms

malware attack on israeli

The cybersecurity firm Palo Alto Networks has revealed in a blog report that the fintech and cryptocurrency trading firms in Israel have been the target of a malware dubbed Cardinal RAT since as early as 2017.

The Unit 42 research department revealed that there have been at least two known large scale attacks on Israeli fintech firms since the malware first surface.

What is Cardinal RAT?

The malware in question is a Remote Access Trojan virus that allows full control of the device from a remote location. The trojan that operates in silence.

The software would collect all the data of the target and then wipe clean its presence from the device through a complete uninstall of the applications. The malware steals the data by storing key presses and sending the data off-site through the internet before wiping itself clean.

Other attacks

The report by security firm further reveals that the said fintech firms have been under the attack of a similar malware in the past as well. The malware named ENVILNUM was built on javascript and the new virus seems to be built on the same principles.

The report furthers that both the malware have even attacked the same fintech firms at the same time as well. The report, however, does not reveal any information on whether any data was stolen during the malware attacks.

Johnson Go

Johnson Go

Blockchain enthusiast, project management specialist, writer and crypto investor. JG deals mostly with problems and solutions of crypto projects and provides market outlook for investments. He contributes his analytical skills to projects.

Related News