image credit: adobe stock
Dubbed Nerbian, the RAT is written in the Go programming language and packs numerous anti-analysis and anti-reversing features. The backdoor uses various open-source Go libraries for its operations and employs encryption routines that help it evade network analysis, Proofpoint says.
Starting late April 2022, Proofpoint observed Nerbian RAT being distributed via phishing emails that claim to come from the World Health Organization (WHO) and which carry COVID-19 themes similar to the lures used in 2020, when the pandemic was at its early stages.
Comments are closed.
