RunningRAT’s Next Move: From Remote Access to Crypto Mining for Profit

NetmanageIT OpenCTI - opencti.netmanageit.com

RunningRAT’s Next Move: From Remote Access to Crypto Mining for Profit



SUMMARY :

RunningRAT, a remote access trojan initially observed in 2018 targeting the Pyeongchang Winter Olympics, has evolved its capabilities to include cryptocurrency mining. This shift indicates an expansion of the malware's operational focus. The analysis reveals the discovery of RunningRAT samples in open directories, detailing its execution process, network communications, and connection to cryptocurrency mining tools. The malware's infrastructure includes command and control servers hosting XMRig mining software, suggesting a new direction towards financial gain through compromised systems. The findings highlight the adaptability of established malware and the importance of continued monitoring for emerging threats.

OPENCTI LABELS :

remote access trojan,xmrig,cryptocurrency mining,runningrat


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


RunningRAT’s Next Move: From Remote Access to Crypto Mining for Profit