Rise of the Java Remote Access Tools: The phishing email contains two legitimate non-malicious PDF documents and one Java file that mimics the name of a legitimate document. If a user is tricked into clicking this fake document, the Java applet will be run (providing that Java is installed on the user’s computer).
This applet is a RAT named jRat, it is available for free and Symantec detects it as Backdoor.Jeetrat. This threat can give full control of the compromised computer to a remote attacker. More importantly, because it is a Java applet the threat is able to run on multiple operating systems, not just Windows. In fact, the threat has a builder tool that allows you to build your own customized versions of the RAT, and we can see that when it comes to the targeted operating systems, the choice is very broad.