Syrian hackers launch a Trojan called S500 RAT

The hacker group known as Anonymous Arab has released a remote access Trojan (RAT) called  Silver RAT  that is equipped to bypass security software and launch hidden applications surreptitiously .

Those linked to the development of another RAT known as the S500 RAT are likely of Syrian origin. They also run a Telegram channel that offers various services such as distributing broken RATs , leaked databases, card activities, Facebook selling, and X bots .

#Social_media bots are then used by other #cybercriminals to promote various illicit services by automatically interacting with and commenting on the #user’s content .

C# -based #malware can connect to the command and control (C2) server , log keystrokes, destroy system restore points, and even encrypt #data with ransomware. 

While creating a payload using the Silver RAT Builder , threat actors can select various options with a maximum payload size of 50 KB  and once connected, the victim appears on the attacker-controlled Silver RAT panel that displays logs based on the chosen functionality.

One interesting evasion feature built into Silver RAT is its ability to delay payload execution for a specified period of time as well as secretly run #applications and control the compromised host .

Further analysis of the malware author’s online fingerprint shows that one of the group members is likely in his mid-twenties and resides in Damascus .