RuRAT Trojan Delivered Through Fake Vuxner Chat App

Cybercriminals are often very creative when it comes to propagating the latest malware to their victims. One of the latest samples of this is the RuRAT, which is being spread through the use of a fake messaging application. However, how do the criminals convince their targets to interact with the fake app? They do this via malicious emails, which pretend to come from an 'investor' who is interested in the victim's company. Allegedly, contact between the two parties can only be established by using a chat application called Vuxner. Allegedly, it is available for Windows machines, and a quick glance at its website may leave you under the impression that it is legitimate.

Vuxner Chat App is Fake

The Vuxner Chat app's website looks professionally designed, and many users might easily think that it is a real deal. In reality, however, there is no chat app called Vuxner. Instead, the neat-looking website is simply a deception used to gain your trust. Users who try to download the Vuxner installer will see a legit installation wizard used by the Trillian chat app. The latter is real, and the installer does install its files on your system. However, victims will also see a prompt to install an unnamed piece of software, which warns them that it is part of a toolkit for remote access utilities. This is certainly shady, and any app that wants to install such stuff on your device might have malicious intent.

The execution of the criminals behind Vuxner is certainly lacking, as they did not manage to conceal the installation of the remote desktop software. But what happens if users install this component? They will not only install the remote access tool, but also a copy of the RuRAT Trojan, which grants the criminals full control over their system.

If you receive one of the emails asking you to download and use the Vuxner chat app, then you should ignore it completely. This email spam campaign is also a nice lesson on why you should always be careful when receiving random emails from anonymous investors or potential partners – cybercriminals may often impersonate such parties.

March 7, 2022
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.