Categories: NewsSecurity

Cobian Remote Access Trojan Has a Nasty Backdoor

Whenever cybercriminals offer free tools to the rest of the world, one always needs to be suspicious. The new Cobian Remote Access Trojan, for example, is provided free of charge on underground hacking forums. However, it comes with a backdoor that aims to provide the original developer access to all of the victim’s data. This is a very sneaky way of letting others do the dirty work. The Cobian RAT has been in circulation since February of this year, although it is unclear how much information has been collected so far.

The Cobian RAT is a Poisoned Apple

You should never look a gift horse in the mouth, though it wouldn’t hurt to conduct your own research anyway. This is especially true when someone tries to provide you with free software to conduct nefarious activities without asking for anything in return. Nothing in life is truly free. If the advertised tool is indeed as harmful as the developer claims, there is no real reason for him or her to share it with the rest of the world without asking money for it. The

Cobian RAT is seemingly capable of letting others build their own malware with relative ease. Unfortunately, it also leaves something behind in all of those creations.

This “free malware builder’ allows other users to create their own versions of the Cobian RAT with custom settings. It is similar to how most ransomware-as-a-service toolkits operate. Once a criminal uses this free builder to develop his or her own malware, they can effectively distribute it to victims all over the world. The main objective is to steal and compromise data on target devices. Unfortunately for the people creating their own RATs, their newly-created malware also connects to a Pastebin URL under the control of the original developer.

Through this Pastebin URL, the developer can issue new commands to all RATs built on top of the original platform. So far, it seems over 4,000 systems have been infected with Cobian RAT types that are not the original code. Research seemingly indicates that two people have access to this Pastebin URL as of now. These individuals are the original Cobian developer and the person distributing the customized

Related Post
RAT. All of the collected data from victims’ computers are exposed to these two individuals as well. Indeed, these cybercriminals let others do their dirty work for them.

Luckily, it appears the Cobian RAT is not without its flaws. There are several bugs, and some features which just do not work whatsoever. That is pretty unusual for a malware focusing on logging information first and foremost. For one, any computer user who types above the average speed will be somewhat safe from harm. That’s because the keylogger is incapable of capturing all of the keystrokes correctly, which is not a positive sign for anyone looking to utilize this code. It may also explain why Cobian is offered for free.

Additionally, it appears there has not been too much interest in Cobian so far. Researchers have not noticed any of these versions in the wild other than a few individual infections related to this keylogger. When the malware was delivered successfully, it was distributed through a compromised website. Compromising websites and update servers has also become a popular way to distribute ransomware lately.

For all of its shortcomings, Cobian is still a threat to be reckoned with. It is not all that different from what its competitors provide to the masses, even though it has a few bugs and a backdoor. All of the standard malware features one would expect to find are present in Cobian. Now that the backdoor has been exposed, however, it is believed very few criminals will show any interest in Cobian moving forward. After all, no one wants to risk exposing data to other criminals.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Top Secrets to Identifying the Best Crypto to Buy This Week Before It’s Too Late!

In a world where the digital economy is growing at lightning speed, the race to…

7 hours ago

NYC Entrepreneur Wins Big with BTC: BlockDAG Could Be Next

Mia Sanders, NYC Entrepreneur, Made Millions by Investing in BTC: Could BlockDAG Be Next for…

1 day ago

Miami Artist Earns $5.2M with Solana: BlockDAG’s Future Prospects?

A Miami Artist's $5.2M Solana Success: Does BlockDAG Hold Equal Promises for 30,000x ROI? Success…

1 day ago

Chainlink And Aptos Investors Migrate To The Presale Of New Crypto Instant Funding Prop Firm FXGuys ($FXG)

Recent market trends show that the new DeFi coin, FXGuys ($FXG), has been the go-to…

1 day ago

Polkadot Price Prediction; Can XLM’s Rally Hold Strong as New Crypto Brings Passive Income? 

Curious about where the Polkadot price is headed? Or maybe you’re wondering if XLM’s rally…

1 day ago

Best Crypto Presale to Watch: Could This Be the Next 9000% Breakout Star?

Any investor can achieve outstanding profit by selecting the best crypto presale in the growing…

1 day ago