ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool JRat

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: JRat

NamesJRat
Jacksbot
CategoryMalware
TypeBackdoor
Description(Electronic Frontier Foundation) One of the common malware samples used over the course of Operation Manul is known as JRat or Jacksbot. JRat is a commercially available remote access tool (RAT), written in Java. JRat is currently available for purchase at jrat[.]io for the price of $40USD. JRat has been continuously developed for the last four years, seemingly by a single developer who goes by the name “redp0ison”. While JRat itself is closed source, many modules and helpful utilities are open source and are available on github.
Information<https://www.eff.org/files/2016/08/03/i-got-a-letter-from-the-government.pdf>
<https://blog.trendmicro.com/trendlabs-security-intelligence/jacksbot-has-some-dirty-tricks-up-its-sleeves/>
<https://maskop9.wordpress.com/2019/02/06/analysis-of-jacksbot-backdoor/>
<https://research.checkpoint.com/malware-against-the-c-monoculture/>
<https://www.intego.com/mac-security-blog/new-multiplatform-backdoor-jacksbot-discovered>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/jar.jrat>

Last change to this tool card: 24 April 2021

Download this tool card in JSON format

Previous: JPIN
Next: JripBot

All groups using tool JRat

ChangedNameCountryObserved

APT groups

 Operation ManulKazakhstan2015 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]