US Tax Filers Are Targeted With Remote Access Trojans

Now is the most opportune time for cybercriminals to start targeting taxpayers. A new wave of remote access Trojans has been discovered, all of which are targeting tax filers. What is rather interesting is how these RATs are all Java-based, increasing the criminals’ chances of success. So far, it remains unclear how many people have fallen victim to this new wave of malware.

Java RATS Deliberately Target Tax Filers

It is not surprising to learn criminals are looking to commit massive tax fraud at this time of the year. Millions of US citizens are filing their taxes as we speak, which means there is a lot of sensitive information waiting to be taken advantage of. Or that is how criminals look at tax filers anyway, as they see these people are money machines, rather than actual living beings. Targeting tax filers have become slightly more difficult over the past few years, yet it appears criminals are using a new tool to achieve their goals.

Various spam campaigns containing malware-laden attachments are making the rounds as we speak. These types of malware are mainly Java-based remote access Trojans, which allow criminals to remotely control any computer they can infect successfully. In most cases, email attachments are labeled as “IRS Updates” and “Important PDF”, all of which are seemingly coming from official IRS email addresses.

Keeping in mind how the Tax deadline expired on April 18th, criminals are making a last-ditch effort to try and obtain as much personal information as they possibly can. The last day of tax filing seasons will always be hectic, and consumers are more prone to phishing scams than ever before. Everyone wants to make sure their tax filings are in order first and foremost, which means they may even be tricked into opening email attachments.

All it takes is one click to get a computer infected with these Java-based remote access Trojans. Whoever opens such an attachment will not only expose themselves and all information transmitted via their computer but also expose any other computer connected to the same network. This means entire households, or even large enterprises, can all be infiltrated successfully with one simple mistake by any of the computer users.

As one would expect, these remote access Trojans will receive commands from a  central command-and-control server. Moreover, the Trojans can download and execute additional malicious payloads on the victim’s machine. The biggest threat comes in the form of taking over any connected camera and taking pictures of the person using the device. That is an excellent way to commit some form of ID fraud at a later stage, although it remains unclear whether or not criminals will effectively use this latter tool.

Anyone who has filed taxes – or is still looking to do despite the deadline expiring – will need to be extra careful. Criminals are actively trying to take advantage of anyone who is not taking cybersecurity to heart right now. Exposing tax filing information to an unknown third party with malicious intentions could have all kinds of nasty consequences.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.