From open-source to open threat: Tracking Chaos RAT’s evolution

SUMMARY :

Chaos RAT, an open-source remote administration tool written in Golang, has evolved since its first appearance in 2022. Recent variants have been identified in Linux and Windows attacks. The malware offers cross-platform compatibility and is being exploited by threat actors for malicious purposes. It provides an administrative panel for payload generation and control of compromised systems. The latest samples show improved encoding of configuration data and expanded capabilities. A critical vulnerability in Chaos RAT's web panel allowed attackers to execute remote code on the server. While overall usage remains limited, its low detection profile creates opportunities for espionage, data exfiltration, and establishing footholds for further attacks.

OPENCTI LABELS :

golang,cross-platform,cve-2024-30850,remote administration tool,cve-2024-31839,chaos rat


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


From open-source to open threat: Tracking Chaos RAT’s evolution