BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Old Cardinal RAT Malware Resurrects Through Series Of Updates

- Advertisement -

Israeli tech companies, beware: This malware family is back after two years in hiding.

A type of malware family not seen since 2017 has resurfaced and is targeting FinTech and cryptocurrency companies in Israel, according to a March 19 blog post from cybersecurity watchdog Unit 42.

The previous version of the malware family, dubbed Cardinal RAT, employed the Carp Downloader, which uses “malicious macros in Microsoft Excel documents to compile embedded C# (C Sharp) Programming Language source code into an executable that in turn is run to deploy the Cardinal RAT malware.”

According to Unit 42, the new version of the Cardinal RAT malware comes with updates and modifications that “evade detection and hinder analysis.” This version of Cardinal RAT uses a variety of obfuscation techniques, including hiding malicious code in in a bitmap file. Once the victim opens the file, the malware is decrypted and begins to infect the victim’s computer.

- Advertisement -

Unit 42 confirmed the updated version of Cardinal RAT infects the victim’s computer by collecting victim information, updating settings, acting as a reverse proxy, executing a command, uninstalling itself, recovering passwords, downloading and executing new files, keylogging, capturing screenshots, and cleaning cookies from browsers.

According to The Next Web, in addition to nine reports from Israel of Cardinal RAT Malware attacks, there have been two in the US and one in both Japan and Austria. To protect one’s personal data from malware attacks, Unit 42 suggests that individuals and companies beef up their spam filters and parental controls to “restrict use of scripting languages by malware” and not open or even allow “inbound e-mails with LNK file as attachments [or] … e-mails from external sources where the documents contain macros.”

Although the Cardinal RAT malware was silent for two years, there have been quite a few malware attacks targeting the personal data of people and companies. Just last month, cybersecurity firm ESET announced it discovered malware created to steal crypto wallet addresses and personal keys infecting the Google Play store.

Nathan Graham is a full-time staff writer for ETHNews. He lives in Sparks, Nevada, with his wife, Beth, and dog, Kyia. Nathan has a passion for new technology, grant writing, and short stories. He spends his time rafting the American River, playing video games, and writing.

Like what you read? Follow us on X @Bitnewsbot to receive the latest Cardinal RAT, Carp Downloader or other Ethereum ecosystem news.



Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

WordPress core hit by zero-click RCE bug, patch now live

WordPress patched a pre-authentication remote code execution flaw in versions 6.9.5 and 7.0.2 on...

ECB: Stablecoin growth puts European bank deposits at risk

ECB board member Piero Cipollone warned Friday that stablecoin growth could strip European banks...

Tesla Launches Megacharger Network with Bloomington Station

Tesla opened a new public Megacharger station in Bloomington, California, calling it the start...

Apple Overtakes Nvidia as World’s Most Valuable Public Company

Apple briefly surpassed NVIDIA as the world’s most valuable publicly traded company, hitting an...

Galaxy Digital buys naming rights to Texas Tech stadium in 15-year deal

Galaxy Digital signed a 15-year naming rights deal with Texas Tech, renaming the football...

Must Read

How to Buy VPS with Crypto from Hostinger – Step by Step guide

Did you know that nowadays you can use Bitcoin to purchase a Windows VPS? If you’re here, you’re probably wondering how to do it....
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading