 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: CrossRAT| Names | CrossRAT Trupto | |
| Category | Malware | |
| Type | Backdoor, Info stealer | |
| Description | (The Hacker News) CrossRAT is a cross-platform remote access Trojan that can target all four popular desktop operating systems, Windows, Solaris, Linux, and macOS, enabling remote attackers to manipulate the file system, take screenshots, run arbitrary executables, and gain persistence on the infected systems. According to researchers, Dark Caracal hackers do not rely on any 'zero-day exploits' to distribute its malware; instead, it uses basic social engineering via posts on Facebook groups and WhatsApp messages, encouraging users to visit hackers-controlled fake websites and download malicious applications. CrossRAT is written in Java programming language, making it easy for reverse engineers and researchers to decompile it. | |
| Information | <https://thehackernews.com/2018/01/crossrat-malware.html> <https://objective-see.com/blog/blog_0x28.html> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0235/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/jar.crossrat> | |
Last change to this tool card: 13 May 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Dark Caracal |  | 2007-2020 | |||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |