Taiwan's Bureau of Criminal Investigation arrested a man suspected of cyber-attacks, which were performed using the Ghost RAT Trojan. According to Trend Micro experts, who assisted the investigation, the hacker distributed a version of Ghost RAT (BKDR_GHOST) via phishing email-messages. Malicious emails were allegedly sent on behalf of the Taiwan Bureau of Health.
Links that were in the letters redirected users to a website that looks like an official one. Users could download RAR-files from it. Actually, the archives contained malicious files. If the victim ran the file on the system, the attacker gained full control of the device.
Ghost RAT is a trojan that has been already used by hackers all over the world to infect the most protected computers. Infecting the victim's machine, the Trojan can execute any action on the system (e.g. turn on the camera and record the audio signal).