From Gamer to Malware Developer: Exploring SilverRat and Its Syrian Roots

SUMMARY :

This analysis delves into the development and capabilities of Silver RAT, a Remote Access Trojan created by a Syrian developer known as 'noradlb1'. The malware, initially observed in November 2023, offers features such as keylogging, UAC bypass, and data encryption. The developer, active on various hacking forums, also operates Telegram channels offering cracked RATs and other malicious services. Silver RAT v1.0, written in C#, can generate Windows payloads up to 50kb and includes options to bypass antivirus software and hide processes. The developer's background suggests a transition from game hacking to malware creation, with plans to expand to Android platforms. The report also highlights the threat actor's online presence, financial transactions, and connection to hacktivist groups supporting the Syrian Revolution.

OPENCTI LABELS :

keylogger,ransomware,remote access trojan,antivirus bypass,telegram channels,syrian developer,hacking forums,silver rat


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


From Gamer to Malware Developer: Exploring SilverRat and Its Syrian Roots