Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar.
“Attackers now use the polyglot technique to confuse security solutions that don’t properly validate the JAR file format,” Deep Instinct security researcher Simon Kenin said in a report.