CrossRAT

Description

(The Hacker News) CrossRAT is a cross-platform remote access Trojan that can target all four popular desktop operating systems, Windows, Solaris, Linux, and macOS, enabling remote attackers to manipulate the file system, take screenshots, run arbitrary executables, and gain persistence on the infected systems.

According to researchers, Dark Caracal hackers do not rely on any ‘zero-day exploits’ to distribute its malware; instead, it uses basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hackers-controlled fake websites and download malicious applications.

CrossRAT is written in Java programming language, making it easy for reverse engineers and researchers to decompile it.

Names

Name
CrossRAT
Trupto

Category

Malware

Type

• Backdoor
• Info stealer

Information

• https://thehackernews.com/2018/01/crossrat-malware.html
• https://objective-see.com/blog/blog_0x28.html

Mitre Attack

• https://attack.mitre.org/software/S0235/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/jar.crossrat

Other Information

Uuid

1e267dbe-3c07-4764-9025-ab927fe63841

Last Card Change

2020-05-13