Skip to main content

Hackers can easily watch your every move, control PCs with free NanoCore Trojan

If your laptop or desktop is running Windows, you might want to make sure you’re up and running with the latest version of the operating system and your antivirus software. Researchers have discovered a new strain of the “NanoCore” remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.

While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus “Urgent” phishing emails that typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.

Related Videos

Once NanoCore 1.2.2 is deployed, hackers can remotely shut down and restart a PC, access files, the registry editor, control the mouse, open webpages, and even encrypt a PC with ransomware software. Even worse, hackers could disable the webcam lights on a PC and listen to or watch unsuspecting users every move.

Although it appears NanoCore v1.2.2 must first be downloaded to a PC by unsuspecting users to spread its true impact, Forbes is warning that Windows users should still “Update Now” to avoid it. If you’re concerned, you can do this through Windows Update.

Still, a rise in the use of this particular version of NanoCore was first discovered in April, and it is especially dangerous since it is heavily modified. Unlike most trojans, this strain of NanoCore can be controlled with an easy-to-understand interface.

“Once downloaded from the Dark Web, the NanoCore RAT is controlled through a user-friendly interface. This lowers the barrier for entry and enables even the most amateur hackers to weaponize emails and kick off their own campaigns,” said security experts at Lmntrix Labs.

The spread of NanoCore v1.2.2 comes just a few weeks after security researchers found a separate security issue with the BIOS and drivers in newer Windows PCs. While some vendors have since patched this, according to MSPoweruser, hackers could also still be leveraging a flaw in the patch on Windows devices with older Intel CPUs to spread and deploy NanoCore 1.2.2.

Editors' Recommendations

If you use this free password manager, your passwords might be at risk
Office computer with login asking for password and username.

Researchers have just found a flaw within Bitwarden, a popular password manager. If exploited, the bug could give hackers access to login credentials, compromising various accounts.

The flaw within Bitwarden was spotted by Flashpoint, a security analysis firm. While the issue hasn't received much -- or any -- coverage in the past, it appears that Bitwarden was aware of it all along. Here's how it works.

Read more
MacGPT: how to use ChatGPT on your Mac
The MacGPT app for macOS Monterey and Ventura.

Apple might not officially be in the AI space, but a developer has created a legitimate way to bring ChatGPT to macOS and make the chatbot accessible from your menu bar.

The aptly named MacGPT is an application developed by Jordi Bruin that allows you to install ChatGPT as a remote browser on your Mac desktop. The application has been available since the 2022 holiday season and has garnered over 370 ratings, many of which are five stars. MacGPT is currently free, however, Bruin accepts donations. Once out of beta, he will make MacGPT available at the App Store, where it will sell for $5.

Read more
Grammarly’s new ChatGPT-like AI generator can do a lot more than proofread your writing
GrammarlyGO's Rewrite for Length feature is shown.

Grammarly, one of the biggest names in writing tools, is adding AI-generated text to its repertoire on the heels of the wild popularity of ChatGPT. Known as GrammarlyGO, this new tool is focused on improving writing rather than replacing the writer.

GrammarlyGO will roll out in beta form to existing users in April. All tiers, including developers, business, education, and premium users, will have access. You can even use GrammarlyGO with a free account.

Read more