A new Android RAT (Remote Access Trojan) detected under the name of GhostCtrl can lock mobile device by resetting their PIN and display a ransom note to infected victims. These ransomware capabilities have been observed in the source code of GhostCtrl, but not in real-world infections, where the RAT was mostly used for its data exfiltration capabilities. The GhostCtrl RAT was discovered by Trend Micro researchers part of a wave of attacks against Israeli healthcare organizations. The campaign targeted primarily Windows computers with RETADUP, a combination of a worm, infostealer, and backdoor trojan.
View Full Story
ORIGINAL SOURCE: Bleeping Computer