This news is more about script kiddies. We mean "hackers" who hack with third party tools εργαλ
A hacker who uses as an alias, Pahan began infecting other hackers with various malware, apparently for his own benefit.
You know that the internet is full of “hacking forums” where hacking tools and guides are traded. They are the places where you can find various already malware and exploits, by cyber-criminal developers who develop them, or modify them. Meanwhile all these forums are under close surveillance by various security companies and apparently by the authorities.
So, according to a Sophos publication, a hacker develops tools that target other hackers.
Using the aliases Pahan, Pahan12, Pahan123, or Pahann, this person has promoted his hacking tools to various hacking forums, and Sophos has discovered that all of the tools available to that user are infected with malicious software.
Its tools contain keyloggers that intercept passwords and hijack the malware / botnet control panels.
Sophos has already mentioned three such cases.
The first is in a hacking forum where Pahan provided a free download of Aegis Crypter, a tool that performs obfuscating and conceals malicious applications from virus scanners. According to Sophos, this tool was infected with the RxBot trojan.
In the second incident (March 2016), Pahan, using the alias Pahann, was selling a version of keylogger KeyBase that infected its buyers with the COM Surrogate malware, which then re-downloaded RxBot, a Trojan that enslaves computers in a botnet.
The last incident (July 2016) Pahan, using the name Pahan12, offered a free version of PHP RAT (Remote Access Trojan) που ονομάζεται SLICK RAT. Ο ερευνητής της Sophos Gabor Szapannos αναφέρει ότι το SLICK RAT μολύνει τα θύματά του με το keylogger KeyBase, το οποίο συλλέγει κωδικούς πρόσβασης και τους αποστέλλει πίσω στον Pahan.
At present, it is not known how many wannabe hackers are infected with the malware distributed by Pahan.