Millenium-RAT, a sophisticated Remote Access Tool (RAT) for Windows systems, is now available for purchase on GitHub, which exclusively attacking windows systems.
The Millenium-RAT, particularly version 2.4; is a Win32 executable built on the.NET framework. It is intended to covertly retrieve a vast quantity of data from systems that have been compromised.
Millenium RAT’s evolution from version 2.4 to the most recent version 2.5 highlights its dynamic threat landscape and ongoing development and release.
The Millennium Rat as A Growing Threat
CYFIRMA says this malware is a great example of a complex set of malicious features carefully designed to steal sensitive user data, stay on a device even when cutting-edge anti-analysis techniques try to find it, become persistent, and give hackers remote control over the infected device.
With its wide range of abilities, the Millenium-RAT-2.4 can be used for data exfiltration, system information gathering, process disruption, self-destruct mechanisms, evasion strategies in sandbox settings, anti-debugging measures, and remote command execution over the Telegram platform.
On GitHub, this RAT is being advertised under false pretenses of being an educational resource, all the while secretly providing lifetime access for a small cost.
Although the project is closed source and the code is unavailable to the public, those interested are asked to contact the project over Telegram to gain access.
The examined sample below is from version 2.4, which the malware creator revealed on their GitHub account is accessible for lifetime access for $30.
Additionally, there is the RAT builder, which provides customization options to enable the building of the RAT specifically customized to meet requirements. Users can submit information like the Telegram chat ID, the Telegram Bot token, and even specific filenames, like the keylogger file.
Researchers say the Millenium RAT looks to be a derivative of the ToxicEye RAT, an open-source Telegram RAT. The structure, modules, code, namespaces, function names, and arguments of MilleniumRAT and ToxicEye RATs are similar.
This implies that attackers may modify and reuse already-existing open-source malicious code to fit their purposes, posing a significant threat to cybersecurity environments.
Ensure your Cyber Resiliance with the recent wave of cyber-attacks targeting the financial services sector. Almost 60% respondents not confident to recover fully from a cyber attack.
Millenium Rat Presents a Significant Risk To Cybersecurity
The appearance of malware such as Millenium RAT, notable for its multifunctionality and ability to steal a vast amount of data from compromised systems, is a major cybersecurity threat.
The RAT uses several strategies, such as evasion, persistence, and granting remote control over compromised computers.
“The provision of a RAT builder allows customization, where users can choose features and parameters such as Telegram details and filenames, denoting the alarming ease with which these malicious tools can be manipulated and distributed”, researchers said.
Therefore, it is recommended that stakeholders enhance and strengthen their cybersecurity posture to effectively tackle these diverse threats.
Patch Manager Plus: Patch over 850 third-party applications quickly – Try Free Trial.
Read the full article here