Security researchers warn that a new remote access trojan named JhoneRAT is targeting the Middle East and boasts anti-detection techniques such as making use of Google Drive, Google Forms, and Twitter. Once it is downloaded, the RAT gathers information off of the victim’s device and downloads additional payloads.

There is evidence proving that the attackers behind JhoneRAT have taken measures to ensure that the trojan is being distributed to Arabic speaking victims. The campaign is active and started in November of 2019. Experts stated that the nature of the campaign leads analysts to believe that an actor developed a homemade RAT and is now deploying it to its victims.