Revenge RAT

Revenge RAT is a remote access trojan discovered by Cisco Talos researchers using both this RAT and Orcus RAT as malware distribution campaigns targeting organizations including government entities, financial services organizations, information technology service providers and consultancies. It is capable of opening remote shells, allowing threat actors to manage file systems, processes, registry, and services in order to log keystrokes, dump victims’ passwords, and to access the webcam. Threat actors use DDNS to conceal their C2 servers and point the DDNS to the Portmap service to provide an additional layer of infrastructure obfuscation.

Technical Details

Bleeping Computer provides technical analysis on the Revenge RAT, available here.

Trojan VariantsNJCCICAugust 29, 2019Orcus, Revenge

Revenge RAT

NJ CYBERSECURITY & COMMUNICATIONS INTEGRATION CELL

PO Box 091

Trenton, NJ 08625

CONTACT US

Email: njccic@cyber.nj.gov

Phone: 1-833-4-NJCCIC (1-833-465-2242)