Skip to main content

Hackers can easily watch your every move, control PCs with free NanoCore Trojan

Image used with permission by copyright holder

If your laptop or desktop is running Windows, you might want to make sure you’re up and running with the latest version of the operating system and your antivirus software. Researchers have discovered a new strain of the “NanoCore” remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.

While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus “Urgent” phishing emails that typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.

Once NanoCore 1.2.2 is deployed, hackers can remotely shut down and restart a PC, access files, the registry editor, control the mouse, open webpages, and even encrypt a PC with ransomware software. Even worse, hackers could disable the webcam lights on a PC and listen to or watch unsuspecting users every move.

Although it appears NanoCore v1.2.2 must first be downloaded to a PC by unsuspecting users to spread its true impact, Forbes is warning that Windows users should still “Update Now” to avoid it. If you’re concerned, you can do this through Windows Update.

Still, a rise in the use of this particular version of NanoCore was first discovered in April, and it is especially dangerous since it is heavily modified. Unlike most trojans, this strain of NanoCore can be controlled with an easy-to-understand interface.

“Once downloaded from the Dark Web, the NanoCore RAT is controlled through a user-friendly interface. This lowers the barrier for entry and enables even the most amateur hackers to weaponize emails and kick off their own campaigns,” said security experts at Lmntrix Labs.

The spread of NanoCore v1.2.2 comes just a few weeks after security researchers found a separate security issue with the BIOS and drivers in newer Windows PCs. While some vendors have since patched this, according to MSPoweruser, hackers could also still be leveraging a flaw in the patch on Windows devices with older Intel CPUs to spread and deploy NanoCore 1.2.2.

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more