The BITTER hacking group is a crew of highly-skilled cybercriminals that are believed to originate from South East Asia. Malware researchers first spotted this APT (Advanced Persistent Threat) back in 2015, and they are still active to this day. Most of the victims of the BITTER hacking group are located either in Pakistan or in China.
Often Operates in Combination with the ArtraDownloader
One of the most commonly used tools by the BITTER APT is the BitterRAT. Usually, the BITTER hacking group tends to combine the BitterRAT with the ArtraDownloader. Theses two pieces of malware appear to be the most preferred tools in the hacking arsenal of the BITTER APT. The ArtraDownloader would serve as a first-stage payload, which would enable the attackers to plant the BitterRAT on the infected host. When this is completed, the operators of the BitterRAT will be able to take control of the compromised PC. Remote Access Trojans are formed of two parts - a server that is meant to be planted on the compromised system, and a client that can be used to control the server component.
The BitterRAT is able to:
- Download files.
- Upload files.
- Modify files.
- Delete files.
- Execute files.
- Browse files.
- Gain access to the webcam and microphone.
- Send remote shell commands.
- Enumerate drives.
- Take control over running software.
- Update itself.
- Delete itself.
However, 'BitterRAT's weakness is its lack of any self-preservation capabilities. This means that this hacking tool cannot obfuscate its code and is not able to detect whether it is being run in a malware-debugging system. Download and install a legitimate anti-malware application and use it to remove the BitterRAT from your system safely.
Do You Suspect Your PC May Be Infected with BitterRAT & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like BitterRAT as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.