New security alerts reveal that a new malware known as the Octopus Scanner is spreading through Java applications and NetBeans projects. This was observed by the use of Apache Netbeans IDE (Integrated Development Environment), a tool used for writing and compilation of Java applications.
From the security alert, it was given that when users download any project carrying the malware, it would act like a virus and spread fast. Thus, it can further infect local computers and connected devices. How does it work? It scans through the victim’s desktop computer for any installation of local NetBeans IDE, and go onward to affect other Java projects of the developer.
The malware, which can easily run on macOS, Linux, and Windows can download and install a remote access Trojan (RAT) as the last punch of its infection. However, the main aim of the attack on NetBeans projects is to put a RAT on the developers working machine is to get into sensitive projects and not really to damage Java projects. This would permit the Octopus Scanner to run through the infected computer, searching for and stealing sensitive information.
The RAT gives the attacker access to get confidential information about running tools, upcoming tools, and proprietary codes. They can alter codes to enable backdoor entry into closed-source software systems. Names of the poisoned objects were not mentioned in the security alert. The alert was released so that Java developers and users can look out for signs and indications that their projects and computers have been tampered with or altered. Though the infecting processes are not new, seeing it actively growing and used is certainly an alarming trend.
The goal of every developer is to stay safe from hackers and intruders who seek to get vital information from their computers. It is advised that cybersecurity measures should be taken.