GravityRAT Malware that Spies on Computer, Updated

GravityRAT, a malware allegedly designed by Pakistani hackers, has recently been updated further and equipped with anti-malware evasion capabilities.

• GravityRAT is designed to infiltrate computers and steal the data of users and relay the stolen data to Command and Control centres in other countries.  
• It was first detected by Indian Computer Emergency Response Team, CERT-In in 2017.
• RAT’ in its name stands for Remote Access Trojan, which is a program capable of being controlled remotely and is thus difficult to trace.
• It acts as an Advanced Persistent Threat (APT), which, once infiltrates a system, silently evolves and does long-term damage.
• GravityRAT has now become self aware and is capable of evading several commonly used malware detection techniques.
• GravityRAT infiltrates a system in the form of an innocuous looking email attachment, which can be in any format, including MS Word, MS Excel, MS Powerpoint, Adobe Acrobat or even audio and video files.
• The data is sent in an encrypted format, making it difficult to detect exactly what is leaked.
• The new version of GravityRAT can check system temperature by recording thermal readings for detecting the presence of VMs (virtual machines). 
• It can also collect open ports on the targeted system and creates a list of all the active processes after which it starts stealing files stored on any connected USB drive.

Expected Questions

1. Name the malware designed to infiltrate the computers whoch has been recently upgraded?
- GravityRAT

2. What does the word RAT in its name denote?
- Remote Access Trojan

3. Name the malware which is hidden within apparently harmless code to take the user by surprise?
- Trojan Horse

4. What is the full form of CERT-In?
- Indian Computer Emergency Response Team

5. What do you mean by P2PE?
 Point-to-Point Encryption

6. Which Indian nodl agency deals with the cybersecurity threats like hacking and phishing?
- CERT-In