The self-proclaimed "Anonymous Arab"Syrian Hacking GroupThe release of a new product called "Silver Mouse (Silver RAT)," a remote access Trojan that bypasses security software and covertly launches hidden applications.
Professional Analysis: In a new report, security firm Cyfirma states that "developers are active in multiplehackerforums and social media platforms, showing an active and sophisticated style." It is speculated that the members of the organization are Syrian, and that it is linked to another group calledS500 RATThere is a connection to the development of the Trojan horse. They also run a Telegram channel offering to crack RATs, leak databases, card campaigns, and sell Facebook and X (formerly Twitter) bots.
Malicious Uses: These social media bots are utilized by other cybercriminals to promote various illegal services by automatically interacting with and commenting on user content.
First discovery: Silver RAT v1.0s field app was first discovered in November 2023, but the developer's release plans were announced a year earlier.Around October 2023, the Trojan was cracked and leaked to the Telegram platform.
Powerful: This C#-based malware has a variety of features, including connecting to command and control (C2) servers, logging keystrokes, destroying system restore points, and even using theRansomwareEncrypted data. In addition, there are indications that an Android version is in development.
Customization Options: "When generating payloads using Silver RAT's builder, threat participants can choose from a variety of options with payload sizes of up to 50 kilobytes," Cyfirma noted. "Upon connection, the victim will appear in an attacker-controlled Silver RAT panel that displays the victim's logs based on the selected function."
A clever escape: Silver RAT has an interesting built-in evasion feature that delays the execution of the payload and secretly launches the application and takes control of the infected host.
Behind the scenes: Further analysis of the malware author's online footprint suggests that one member of the organization may be in his 20s and resides in Damascus, Syria. "Based on their Telegram posts, the developers appear to be pro-Palestinian, and members of the organization are active on social media, development platforms, underground forums, and the open web, suggesting that they are involved in the distribution of various pieces of malware," Cyfirma said.
Original article by Chief Security Officer, if reproduced, please credit https://cncso.com/en/syrian-hacker-group-releases-silver-rat.html