Threat actors have been found using JavaScript malware strain that functions as a loader to distribute an array of remote access Trojans (RATs) and information stealers. RATDispenser has been observed dropping different kinds of malware, including STRRAT, WSHRAT (aka Houdini or Hworm), AdWind (aka AlienSpy or Sockrat), Formbook (aka xLoader), Remcos (aka Socmer), Panda Stealer, CloudEyE (aka GuLoader), and Ratty, each of which are equipped to siphon sensitive data from the compromised devices, in addition targeting cryptocurrency wallets.

Source: hp.com