A threat actor calling herself ‘0xFF’ advertised a new RAT on HackForums.
According to the threat actor, the new RAT supports Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin (macOS) (amd64 (Intel), arm64 (M1)) and Android (bin) (amd64, i386, arm, arm64).
This multi-OS RAT is advertised with the following features:
– No need to lower AV settings to keep running
– Everything is automatically compiled for you
– Remote non-interactive shell
– No need to remember all the different OSes when doing simple tasks
– Downloading files from an external server to the host
– Uploading files from the computer to the tool’s panel
– Taking screenshots (automatic (every x seconds) or manual)
– Custom scripts that can execute different written code on demand on the targeted devices
– Notifications when devices go online/offline, when a new device connects, or when a command finishes executing
– Custom installer
– Commands on boot and on new connect
The actor also mentioned that they can create postloads for the customer.
The RAT appears to have several licensing options and is not very expensive. Tools like this make it easier for people without technical knowledge and software skills to carry out attacks on their own. This situation seems to put more and more pressure on institutions each day.