top of page
Search

SafeBreach Uncovers New Remote Access Trojan (RAT)

A previously undiscovered remote access trojan (RAT) is being used to target Farsi-speaking code developers in Iran. Dubbed CodeRAT, the new RAT is used in attacks targeting developers using a Microsoft Dynamic Data Exchange (DDE) exploit.




TARGETED COUNTRY: Iran, Islamic Republic of


MALWARE FAMILY: RAT


ATT&CK IDS: T1106 - Native API, T1070 - Indicator Removal on Host, T1113 - Screen Capture, T1059 - Command and Scripting Interpreter, T1090 - Proxy, T1559 - Inter-Process Communication, T1105 - Ingress Tool Transfer, T1057 - Process Discovery, T1083 - File and Directory Discovery, T1566 - Phishing


Read More:

0 views
bottom of page