A new Java-based remote access trojan (RAT) named QuimaRAT has been identified by LevelBlue, capable of infecting Windows, Linux, and macOS systems. This cross-platform malware is being offered as a malware-as-a-service (MaaS), with subscription costs ranging from $150 for one month to $1,200 for lifetime access, according to a recent report by The Hacker News.QuimaRAT features a modular architecture, allowing for dynamic expansion of capabilities through encrypted plugins delivered via its command-and-control (C2) infrastructure. The associated builder supports multiple output formats including JAR, EXE, APP, SH, BAT, and VBS, enabling tailored packaging for different environments. While promising stealth on Windows and Linux, macOS users may need to have admin permissions for certain features. The malware suite also includes a builder, loader, and dropper.QuimaRAT employs various persistence methods, such as Registry Run keys, Scheduled tasks, Startup folder on Windows, .desktop autostart entries and crontab on Linux, and LaunchAgent plist files on macOS. It can execute commands remotely, steal credentials, transfer files, manipulate the clipboard, and conduct webcam surveillance, offering attackers extensive control over compromised systems.Source: The Hacker News
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds




