Attivo Networks Blogs

US visa applicants become latest victims of targeted malware attacks

US visa applicants in Switzerland are falling victim to a hitherto unknown malware called Qarallaz RAT or QRAT, which is being distributed via Skype by an unknown entity posing as a US government official. Upon further investigation, security researchers uncovered that the malware has been active elsewhere as well, targeting US visa applicants in various countries.

F-Secure security researchers claim that hacker/hackers posing as US government officials, claiming to provide guidance on visa application procedures, have been sending people a malicious Java file named “US Travel Docs Information.jar“, containing a new strain of RAT (Remote Access Trojan), which enables hackers to gain access to victims’ computers. The QRATmalware has the alarming ability to seize mouse clicks, cursor movements, keystrokes and even remotely operate and manipulate webcam operations such as taking snapshots or videos.


Read more>>

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

3 × 5 =

Ready to find out what’s lurking in your network?

Scroll to Top