These vulnerabilities were observed to be critical in October 2020. Cyberint's Research Team recommends to patch and take the necessary steps immediately.

First identified as active in November 2012, 'njRAT', also known as 'Bladabindi' or 'Njw0rm', is a well established and prevalent remote access trojan (RAT) threat that was initially created by a cybercriminal threat group known as 'Sparclyheason' and used to target victims located in the Middle East. Undoubtedly following the source code leak, reportedly in May 2013, njRAT has become widely available on the cybercriminal underground with numerous variants being released over the years.

Historically targeting the financial sector, and first observed in 2014 as a banking trojan, Emotet remains an active and credible threat to organizations across all industries worldwide and, whilst retaining some core data stealing capabilities, has evolved to act as a downloader for secondary malicious payloads.

An investigation into a suspicious Facebook Messenger message led to the identification of an active Facebook phishing campaign seemingly resulting in victim accounts being abused by the threat actor to further propagate the phishing lure.