CrySome RAT – Advanced Threat Insight
CrySome RAT is a sophisticated .NET-based remote access trojan engineered for long-term persistence and stealth on Windows systems. It goes beyond typical malware by continuing to run even after a system reset, abusing the recovery partition and manipulating the registry offline to ensure its continued presence.
Beyond persistence, it delivers a full post-exploitation toolkit. It supports remote command execution, file exfiltration, process manipulation, and network pivoting via SOCKS and reverse proxy. With capabilities like AVKiller to disable security tools, HVNC for hidden remote control, keylogging, credential theft from Chromium-based browsers, and real-time screen, audio, and webcam surveillance, it provides attackers with deep visibility and control over compromised environments.
Adding to the concern, it’s being openly marketed via crysome[.]net, lowering the barrier for wider adoption.
Link to the Research Report: https://www.cyfirma.com/research/crysome-rat-an-advanced-persistent-net-remote-access-trojan/
#MalwareAnalysis #CyberSecurity #ThreatIntel #RAT #CYFIRMA #CYFIRMAResearch #WindowsRAT #HVNC #InfoSec #ExternalThreatLandscapeManagement #ETLM
https://www.cyfirma.com/