This ‘hot or not’ dating scam could seize control of your PC

Cybercriminals have repurposed the Hupigon RAT to launch adult dating attacks

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Security researchers atProofpointhave discovered that threat actors have repurposed a nearly 15-year-old attack tool called Hupigon to launch anew campaigntargeting both faculty and students at colleges and universities across the US.

Hupigon is a remote access trojan (RAT) that has been around since at least 2006 and it is often associated with state-sponsored APT threat actors.

The new campaign uses a “hot or not” dating format where users must choose between one of two pictures by clicking on the link under the picture.

However, when a recipient of themalicious emailclicks either link, an executable containing Hupigon begins to download. Running the downloaded file installs the RAT on their system which gives the attackers control of their PC.

Hupigon RAT

Hupigon RAT

This new campaign has already delivered over 150,000 malicious messages to over 60 different industries with 45 percent focused on education, colleges and universities. Between April 14 and 15 of this year, message volumes reached approximately 80,000 messages, coinciding with an observed rotation in payload.

Hupigon has many features and capabilities and the RAT allows attackers to access an infected machine, log keystrokes, steal passwords and monitor a user’s webcam which could be used later to launchsextortion attacks.

Proofpoint associates Hupigon with historic APT campaigns based on the language of the builder, open source breach reporting and multiple reports of similar APT actor behavior between 2010 and 2012.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Users can avoid falling victim to this latest campaign by monitoring their inboxes closely and not clicking on any links in emails from unknown senders.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

After Arcane season 1 ended on a stunning cliff hanger, its creators say it was ‘always the plan’ for those characters to die in the season 2 premiere