CyberSecurityBoard
Sponsor Register Login

Gh0st rat

Gh0st RAT is a Trojan horse for the Windows platform. The “RAT” part of the name refers to the software’s ability to operate as a "Remote Administration Tool". It is a cyber spying computer program used to control infected Windows computers remotely. Gh0st RAT is installed on computers through other malware that opens a ‘backdoor’. This allows cyber criminals to control the infected computers. Gh0st RAT has been used in many cyber espionage/targeted attacks like “Gh0stnet” which was targeted against the compromise of computer systems owned by the Private Office of the Dalai Lama, and several other Tibetan enterprises. Gh0st RAT operators have used dynamic DNS to mask the true location of their C2 behind rapidly changing IP addresses. Gh0st RAT has encrypted TCP communications to evade detection. It uses RC4 and XOR to encrypt C2 traffic.


Cyber News related to Gh0st rat

SugarGh0st RAT Attack Organizations & Individuals in AI Research - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
7 months ago Cybersecuritynews.com
SugarGh0st RAT Delivered via Malicious Windows & JavaScript - RATs allow threat actors to execute the following malicious actions while remaining hidden from the victim:-. Recently, cybersecurity researchers at Cisco Talos discovered a malicious campaign that was found to be delivering a new RAT that's been ...
1 year ago Cybersecuritynews.com
A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets - A new variant of the infamous "Gh0st RAT" malware has been identified in recent attacks targeting South Koreans and the Ministry of Foreign Affairs in Uzbekistan. The Chinese group "C.Rufus Security Team" first released Gh0st RAT on the open Web in ...
1 year ago Darkreading.com
Hackers Gaining Unauthorized Access to Windows Devices Through Silver and BYOVD Exploits - Last summer, cybercriminals began using Sliver as an alternative to Cobalt Strike, using it for monitoring networks, executing commands, loading reflective DLLs, spawning sessions, and manipulating processes. Recently, attacks have been observed ...
1 year ago Heimdalsecurity.com
Cybercriminals Take Advantage of Weaknesses in Sunlogin to Install Sliver Command and Control System - Cybercriminals are taking advantage of known weaknesses in Sunlogin software to deploy the Sliver command-and-control framework for post-exploitation activities. This was discovered by AhnLab Security Emergency response Center, which found that ...
1 year ago Thehackernews.com
Illegal Access to Windows Computers Through Silver and Bring Your Own Device Vulnerabilities - A recent hacking campaign has been exploiting vulnerabilities in Sunlogin, a remote-control software, to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software. ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)