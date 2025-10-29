Malware

Modular Atroposia RAT eases cybercrime

BleepingComputer reports that multiple sophisticated features have been embedded into the new modular Atroposia RAT that could enable persistence, data exfiltration, and local vulnerability scanning for a $200 monthly subscription, lowering the barrier for cybercrime. Aside from using encrypted channels to communicate with its command-and-control infrastructure and evading User Account Control for privilege escalation on Windows systems, Atroposia RAT features the HRDP Connect Module that allows stealthy opening of apps, documents, and emails, as well as an Explorer-like file manager that permits remote file browsing, deletion, and execution, according to an analysis from Varonis. Atroposia RAT also contains a stealer module, a clipboard manager, and a host-level DNS hijack module that facilitates covert routing to servers that support man-in-the-middle, phishing, and malware intrusions. Moreover, incomplete patches and misconfigurations are being detected by Atroposia's built-in vulnerability scanner for improved exploit prioritization. Such a new malware-as-a-service threat should prompt users to strictly download software from official channels.

