New JhoneRAT Malware Targets Middle East - OODA Loop

Security researchers warn that a new remote access trojan named JhoneRAT is targeting the Middle East and boasts anti-detection techniques such as making use of Google Drive, Google Forms, and Twitter. Once it is downloaded, the RAT gathers information off of the victim’s device and downloads additional payloads.

There is evidence proving that the attackers behind JhoneRAT have taken measures to ensure that the trojan is being distributed to Arabic speaking victims. The campaign is active and started in November of 2019. Experts stated that the nature of the campaign leads analysts to believe that an actor developed a homemade RAT and is now deploying it to its victims.

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.