top of page
Search
Writer's pictureStormsec

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT

In November 2022, researchers intercepted a threat that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool (Trojan.Linux.CHAOSRAT), which is based on an open source project.




MALWARE FAMILY: ChaosRAT


ATT&CK IDS: T1053 - Scheduled Task/Job, T1113 - Screen Capture, T1496 - Resource Hijacking, T1133 - External Remote Services, T1190 - Exploit Public-Facing Application, T1046 - Network Service Scanning, T1087 - Account Discovery, T1059 - Command and Scripting Interpreter, T1053 - Scheduled Task/Job, T1113 - Screen Capture, T1219 - Remote Access Software, T1065 - Uncommonly Used Port, T1437 - Standard Application Layer Protocol, T1041 - Exfiltration Over C2 Channel, T1496 - Resource Hijacking, T1529 - System Shutdown/Reboot, T1499 - Endpoint Denial of Service, T1565 - Data Manipulation


Read More:

2 views

Comments


Commenting has been turned off.
bottom of page