BitterRAT Description

The BITTER hacking group is a crew of highly-skilled cybercriminals that are believed to originate from South East Asia. Malware researchers first spotted this APT (Advanced Persistent Threat) back in 2015, and they are still active to this day. Most of the victims of the BITTER hacking group are located either in Pakistan or in China.

Often Operates in Combination with the ArtraDownloader

One of the most commonly used tools by the BITTER APT is the BitterRAT. Usually, the BITTER hacking group tends to combine the BitterRAT with the ArtraDownloader. Theses two pieces of malware appear to be the most preferred tools in the hacking arsenal of the BITTER APT. The ArtraDownloader would serve as a first-stage payload, which would enable the attackers to plant the BitterRAT on the infected host. When this is completed, the operators of the BitterRAT will be able to take control of the compromised PC. Remote Access Trojans are formed of two parts - a server that is meant to be planted on the compromised system, and a client that can be used to control the server component.


The BitterRAT is able to:

  • Download files.
  • Upload files.
  • Modify files.
  • Delete files.
  • Execute files.
  • Browse files.
  • Gain access to the webcam and microphone.
  • Send remote shell commands.
  • Enumerate drives.
  • Take control over running software.
  • Update itself.
  • Delete itself.

However, 'BitterRAT's weakness is its lack of any self-preservation capabilities. This means that this hacking tool cannot obfuscate its code and is not able to detect whether it is being run in a malware-debugging system. Download and install a legitimate anti-malware application and use it to remove the BitterRAT from your system safely.

Do You Suspect Your PC May Be Infected with BitterRAT & Other Threats? Scan Your PC with SpyHunter

SpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like BitterRAT as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Note: SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. Free Remover allows you to run a one-off scan and receive, subject to a 48-hour waiting period, one remediation and removal. Free Remover subject to promotional details and Special Promotion Terms. To understand our policies, please also review our EULA, Privacy Policy and Threat Assessment Criteria. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?

Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.