Most worrying is that RATDispenser is only detected by 11 percent of available anti-virus engines, meaning it’s able to bypass detection tools and successfully deploy malware in the majority of cases.
“It’s particularly concerning to see RATDispenser only being detected by about 11 percent of anti-virus systems, resulting in this stealthy malware successfully deploying on victims’ endpoints in most cases,” says Patrick Schlapfer, malware analyst at HP. “RATs and keyloggers pose a silent threat, helping attackers to gain backdoor access to infected computers and steal credentials from business accounts or even cryptocurrency wallets. From here, cybercriminals can siphon off sensitive data, escalate their access, and in some cases sell this access on to ransomware groups.”
HP Wolf Security has also made available a free YARA rule, a Python extraction script, and published Indicators of Compromise (IoCs), which can be used to detect and analyse the malware.
You can read more about the threat on the HP site.