According to the company “Kaspersky Lab” from the malware called Adwind suffered more than 400 thousand users. This backdoor is distributed in the format of “malware as a service”. Among the victims attacked them present users and organizations from different countries of the world. 49% of the victims are concentrated in just a dozen countries — Russia, UAE, Germany, India, the USA, Italy, Vietnam, Hong Kong, Turkey and Taiwan.
According to experts, the threat is still active and is used mostly for cyber espionage in areas such as manufacturing, Finance, construction and engineering, retail, logistics, telecommunications, software development, education, health, food production, energy, media and the government.
Adwind first got on the radar antivirusnik companies in 2013 and can still be found under different names, for example lienSpy, Frutas, Unrecom, Sockrat, JSocket, and jRat.
As Adwind is created on Java, it can attack all major operating systems, including Windows, OS X, Linux and Android. It allows unauthorized access to gather data and to remotely control the infected device, including take screenshots, monitor keystrokes, passwords, and data in web forms and stored in the browser to record the web camera and microphone, and so on.