Names | DarkComet DarkKomet Fynloski FYNLOS klovbot Krademok Breut | |
Category | Tools | |
Type | Backdoor, Keylogger, Credential stealer, Info stealer | |
Description | (Wikipedia) DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur (known as DarkCoderSc), an independent programmer and computer security coder from France. Although the RAT was developed back in 2008, it began to proliferate at the start of 2012. The program was discontinued, partially due to its use in the Syrian civil war to monitor activists but also due to its author's fear of being arrested for unnamed reasons. As of August 2018, the program's development 'has ceased indefinitely', and downloads are no longer offered on its official website. DarkComet allows a user to control the system with a graphical user interface. It has many features which allows a user to use it as administrative remote help tool; however, DarkComet has many features which can be used maliciously. DarkComet is commonly used to spy on the victims by taking screen captures, key-logging, or password stealing. | |
Information | <https://en.wikipedia.org/wiki/DarkComet> <https://darkcomet.net> <https://blog.malwarebytes.com/detections/backdoor-darkcomet/> <https://blog.malwarebytes.com/threat-analysis/2012/06/you-dirty-rat-part-1-darkcomet/> <https://blog.malwarebytes.com/threat-analysis/2012/10/dark-comet-2-electric-boogaloo/> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0334/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.darkcomet> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:DarkComet> |
Last change to this tool card: 28 December 2022
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
APT 33, Elfin, Magnallium | 2013-Apr 2024 | ||||
Lazarus Group, Hidden Cobra, Labyrinth Chollima | 2007-Sep 2024 | ||||
Transparent Tribe, APT 36 | 2013-Jun 2024 |
3 groups listed (3 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |