Each month, reports are published about breaches that allowed the theft of financials or (classified) information.
The news states that these attacks are often successful because the cybercriminals use advanced tools to penetrate the networks of their targets, but if you take a good look, the criminals often use the same types of tools that you can find in your Kali Linux operating system.
Remote Access Trojans
The cybercriminals who are hunting for financials and (classified) information often use remote access Trojans to gain access to the information and data that they desire. A remote access Trojan allows the operator to gain full control over the infected device. It also allows the operator to extend the capabilities of the remote access Trojan.
The remote access Trojan is often installed by unaware users who have been targeted by a (sophisticated) social engineering attack.
For example, the financial data processor receives a “fake” e-mail from the company director. The fake e-mail contains a PDF file which holds information that needs to be seen by the financial data processor. Once the PDF file has been clicked, the financial data processor's device will get infected by a remote access Trojan.
It is a fact that a lot of anti-virus packages are not capable of identifying newly crafted payloads. We have tested this and you can find the report here. The report shows how “easy” it is for cybercriminals to hide their payloads by using encoders.