BlackBerry Prevents BoratRAT
BoratRAT is a malware toolkit with many facets – capable of credential theft, creating ransomware, and distributed denial of service (DDoS) attacks. While named after a certain comedic character, this destructive crypto-viral kit is no laughing matter.
The Borat remote access trojan (RAT) targets device accessibility and easily defeats data security, leaving the threat actor with near-total control of the victim’s device. First spotted by Cyble researchers in March 2022, the malware can manipulate file systems and peripheral devices such as cameras and monitors, as well as record via audio and webcam. Password credential theft is also well within its malicious capacity. BoratRAT’s primary intention is to hold a victim’s device and data hostage until a financial ransom is paid. If the ransom is not paid, data and access usage stolen from the device may be eliminated or publicly revealed on a “leak site.”
BoratRAT shares many similarities with the earlier SantaRAT threat but has greater versatility. Its multifarious capabilities make it a potential threat to organizations and individuals, with severe consequences possible if BoratRAT gains access to any endpoint connected to a corporate network.
Discover how BlackBerry prevents BoratRAT attacks in our demo video showing BlackBerry® products versus a live sample of BoratRAT.
DEMO VIDEO: BlackBerry vs. BoratRAT
Learn more about BoratRAT in our deep dive blog: Threat Thursday: BoratRAT
BlackBerry Protection Against This Attack
CylancePROTECT® provides automated malware prevention, application and script control, memory protection, and device policy enforcement. CylanceOPTICS® extends the threat prevention by using artificial intelligence (AI) to prevent security incidents. It provides true AI incident prevention, root cause analysis, smart threat hunting, and automated detection and response capabilities.
Prevention First Philosophy
At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill chain. By stopping malware at this stage, BlackBerry solutions help organizations increase their resilience. This approach also helps to reduce infrastructure complexity and streamline security management, ensuring your business, people and endpoints are secure.
Regardless of your existing BlackBerry relationship, the BlackBerry Incident Response team can work with organizations of any size and across any vertical to evaluate and enhance their endpoint security posture and proactively maintain the security, integrity, and resilience of their network infrastructure.
For emergency assistance, please email us at DLIR@blackberry.com, or use our handraiser form.