ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Warzone RAT

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Warzone RAT

NamesWarzone RAT
Warzone
CategoryMalware
TypeBackdoor, Credential stealer, Keylogger, Downloader, Remote command
Description(Anomali) Warzone RAT is a commodity info stealer written in C++ that is widely available for purchase on criminal forums. Warzone is a commodity malware, with cracked versions hosted on GitHub. The RAT reuses code from the Ave Maria stealer.
Information<https://www.anomali.com/blog/aggah-using-compromised-websites-to-target-businesses-across-asia-including-taiwan-manufacturing-industry>
<https://www.justice.gov/opa/pr/international-cybercrime-malware-service-dismantled-federal-authorities-key-malware-sales>
MITRE ATT&CK<https://attack.mitre.org/software/S0670/>

Last change to this tool card: 06 March 2024

Download this tool card in JSON format

All groups using tool Warzone RAT

ChangedNameCountryObserved

APT groups

 Aggah[Unknown]2018-Jun 2022 
XBlind EagleColombia2018-Jun 2024 
 Operation Armor PiercerPakistan2020 
 Sandworm Team, Iron Viking, Voodoo BearRussia2009-Mar 2024X
 Tomiris[Unknown]2020 
 YoroTrooperKazakhstan2022 

6 groups listed (6 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]