Aria-body Description

The Aria-body malware is believed to be a threat developed by an experienced Chinese APT (Advanced Persistent Threat) dubbed Naikon. The hacking group in question has likely been active for over a decade now, as they were first spotted back in 2010. The Aria-body threat is classified as a backdoor Trojan, and the APT responsible for it has updated it several times so far. According to malware researchers, the Aria-body threat has been deployed against specific targets in the Australian government. The targeted users received spear-phishing emails that contained the corrupted payload of the Aria-body Trojan. In 2019 the Filipino Department of Science and Technology was targeted with a very similar spear-phishing campaign by the same Chinese APT.

The authors of the Aria-body malware appear to target government organizations and officials, mainly. However, it is likely that there are plenty of victims of the Aria-body backdoor Trojan, which have not yet been identified by cybersecurity analysts. The Aria-body threat appears to be propagated by well-designed emails that contain corrupted attachments, whose goal is to exploit known vulnerabilities in the Microsoft Office service.

Once the Aria-body backdoor Trojan has infiltrated a targeted host, it would allow the attackers to:

  • Take screenshots of the desktop and active windows of the user.
  • Gather and exfiltrate data regarding the hardware and software of the infected system.
  • Collect files from connected USB flash drives.
  • Plant additional corrupted payloads.
  • Monitor the running processes and services.
  • Manage, delete, move, create files and folders.
  • Search for certain filetypes and filenames.
  • Launch a keylogger that exfiltrates the collected keystrokes to the C&C (Command & Control) server of the attackers.
  • Launch a reverse proxy service.

If you want to protect your computer and your files from cybercriminals like the ones behind the Aria-body malware, make sure to obtain a reputable anti-malware application that will make sure you are not vulnerable to cyber-attacks.

Do You Suspect Your Computer May Be Infected with Aria-body & Other Threats? Scan Your Computer for Threats with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide users with in-depth system security analysis, detection and removal of a wide range of threats like Aria-body as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover*
* Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. Read our EULA, Privacy Policy & Special Discount Terms. See more Free SpyHunter Remover details.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.