In context: Hackers are often portrayed as elite-level computing geniuses that are somehow impervious to the types of attacks they are known for waging. The truth of the matter, however, is that like most other things in life, there are levels to the game.

Threat detection specialists at cybersecurity technology company Cybereason recently unmasked a campaign in which hackers are weaponizing various hacking tools and key generators and redistributing them on forums and websites. In this instance, they are using a powerful Trojan called njRat that has been around since at least 2013.

Once the malicious files are downloaded and opened, the attacker gains complete access to their machine and can use it for anything from conducting DDoS attacks and stealing sensitive information to recording microphone and webcam feeds.

It’s rather clever when you think about it. Instead of going out and doing the dirty work themselves, attackers are letting other hackers get their hands dirty and stealing their haul without them even knowing it.

Cybereason said it appears as though the campaign has been going on for several years. Worse yet, it’s not limited to hacking tools as they’ve also found samples pretending to be Chrome browser installers, native Windows applications and programs not related to hacking or penetration testing. New iterations are cropping up on a daily basis, the firm added.

Masthead credit: Hacker by Screenshot by Cybereason.