Teenagers are spreading a new Silver RAT Trojan that can bypass any protection

Brother

The authors are ready to share advanced software to take control of the device.

The hacker group Anonymous Arab has released a Remote Access Trojan (RAT) called Silver RAT, which is able to bypass security and run hidden applications unnoticed. The information security company Cyfirma described the malware in its report.

Silver RAT's developers are active on numerous hacker forums and social networks, demonstrating high activity and advanced skills. The Trojan is sold at a price of $900 for a lifetime license, $160 for a one-year license, and $80 for a half-year license. The authors of the program are estimated to be of Syrian origin and are associated with the development of another RAT, known as the S500 RAT.

The hackers also run a Telegram channel that offers services for distributing cracked RATs, leaking databases, carding, and selling bots for Facebook and X. Other cybercriminals then use the bots to promote various illegal services by automatically interacting with and commenting on users' content.


Ad for the sale of Silver RAT on one of the underground forums

The first cases of Silver RAT v1.0 being used in real-world conditions were noticed in November 2023, although plans for the release of the Trojan were announced a year earlier. In October 2023, the program was cracked and leaked to Telegram. Since the leak, Silver RAT v1.0 has been available for free on Telegram, as well as on some underground forums and GitHub, along with full instructions on how to use it.

The C#-based malware has a wide range of features: it can connect to a command-and-control (C2) server, log keystrokes, destroy system restore points, and even encrypt data as ransomware. There are also indications that an Android version is being developed.

Cyfirma explains that when creating a payload using the Silver RAT linker, attackers can choose from various options, with a payload size of up to 50 KB. Once connected, the victim appears in the Silver RAT control panel, which is controlled by the hacker and displays the victim's logs depending on the selected functions.

A cybercriminal can hide processes under false headers, and the final payload can be generated as a Windows executable and delivered using social engineering.


After successful connection, the operator can initiate various malicious actions in the target system

Among the evasion features built into Silver RAT are the ability to delay payload execution for a certain amount of time and the ability to secretly launch applications and monitor a compromised host. In addition, the Windows Defender exclusion feature prevents detection after the program is first launched.

Experts also found transactions in the Silver RAT authors' crypto wallet amounting to about $2,275 per day (from December 24, 2023 to December 25, 2023), which may indicate cash withdrawal activities. Additional analysis of the malware author's online activity shows that one of the group's members is probably around 20 years old and lives in Damascus, Syria.

The developer of Silver RAT, according to reports in Telegram, supports Palestine, and members of the group are active in various areas, including social networks, development platforms, darknet forums and websites on the public Internet, which indicates their participation in the distribution of various malware.
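For defenders, the Windows Defender exception (exclusion) feature described above is something that can be hunted for in Defender's own event log. The following is an added example, not part of the original post or of Cyfirma's report: it assumes events exported from the Defender Operational log as dictionaries, and the sample records, host names, paths and triage rules are constructed for illustration.

```python
import re

# Defender logs configuration changes as event ID 5007 in the
# "Microsoft-Windows-Windows Defender/Operational" log. A new exclusion appears
# in "New value" as a registry value under ...\Exclusions\<Kind>\<target>.
KEY = r"HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions"
ADDED = re.compile(
    r"New value:\s*" + re.escape(KEY) +
    r"\\(?P<kind>Paths|Extensions|Processes)\\(?P<target>.+?)\s*=\s*0x0",
    re.IGNORECASE,
)
# Assumption: exclusions in user-writable locations are the ones to triage first.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")
RISKY_EXTENSIONS = {"exe", "dll", "bat", "ps1", "vbs"}

def find_added_exclusions(events):
    """Return one finding per exclusion added, with a triage severity."""
    findings = []
    for ev in events:
        match = ADDED.search(ev["message"]) if ev["id"] == 5007 else None
        if not match:
            continue  # not 5007, a different setting, or an exclusion removal
        kind, target = match["kind"].capitalize(), match["target"].strip()
        low = target.lower()
        if kind == "Extensions":
            risky = low.lstrip(".") in RISKY_EXTENSIONS
        else:  # a whole-drive exclusion is as serious as a user-writable path
            risky = len(low) <= 3 or any(part in low for part in USER_WRITABLE)
        findings.append({"host": ev["host"], "time": ev["time"], "kind": kind,
                         "target": target, "severity": "high" if risky else "review"})
    return findings

def _ev(host, time, old, new, event_id=5007):  # builds a constructed record
    msg = ("Microsoft Defender Antivirus Configuration has changed.\n"
           f"\tOld value: {old}\n\tNew value: {new}")
    return {"host": host, "time": time, "id": event_id, "message": msg}

# Constructed sample events (hosts, users and paths are made up).
SAMPLE_EVENTS = [
    _ev("WS-014", "2024-01-10T09:14:02Z", "", KEY + r"\Paths\C:\Users\dana\AppData\Roaming\svc.exe = 0x0"),
    _ev("WS-014", "2024-01-10T09:15:10Z", "", KEY + r"\Extensions\exe = 0x0"),
    _ev("BLD-02", "2024-01-10T10:02:40Z", "", KEY + r"\Paths\D:\BuildCache = 0x0"),
    _ev("BLD-02", "2024-01-10T11:30:00Z", KEY + r"\Paths\D:\BuildCache = 0x0", ""),  # removal
    _ev("WS-014", "2024-01-10T09:20:00Z", "", "", event_id=1116),  # not a config change
]

if __name__ == "__main__":
    for finding in find_added_exclusions(SAMPLE_EVENTS):
        print(finding)
```

An exclusion added shortly after an unfamiliar executable first runs on the same host is the pattern worth correlating with process-creation logs.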