Silver RAT Linked to Syrian Threat Actor

A hacking group known as Anonymous Arabic has recently unleashed a new remote access trojan (RAT) named Silver RAT. This malware is designed to circumvent security software and discreetly initiate concealed applications. Cyfirma, a cybersecurity firm, highlighted the active and sophisticated presence of the developers on multiple hacker forums and social media platforms in a recent report.

These threat actors, believed to be of Syrian origin and associated with the creation of another RAT named S500 RAT, manage a Telegram channel offering various services. These services include distributing cracked RATs, sharing leaked databases, engaging in carding activities, and selling Facebook and X (formerly Twitter) bots. The sold social media bots are later employed by other cybercriminals to automatically interact with and comment on user content to promote illicit services.

Silver RAT is Still Relatively Fresh

Silver RAT v1.0 was first detected in the wild in November 2023, even though the hackers officially announced their plans to release the trojan a year earlier. The trojan was cracked and leaked on Telegram around October 2023.

This C#-based malware comes with numerous features, such as connecting to a command-and-control (C2) server, logging keystrokes, deleting system restore points, and encrypting data using ransomware. There are also hints that an Android version is currently in development.

When creating a payload with Silver RAT's builder, threat actors can choose from various options, with a payload size of up to 50kb. Once a victim connects, the victim's data is displayed on the attacker-controlled Silver RAT panel, which shows logs based on the selected functionalities.

An interesting evasion tactic incorporated into Silver RAT is its capability to postpone payload execution for a specific time, along with the ability to discreetly launch apps and take control of the compromised host.

Further examination of the online activities of the malware authors suggests that one of the group members is likely in their mid-20s and based in Damascus.

How To Stop & Remove The Silver Remote Access Trojan On Your Computer

January 10, 2024