Gh0stCringe RAT

The Ch0stCringe RAT is a Remote Access Trojan (RAT), that has been leveraged by threat actors against poorly secured Microsoft SQL and MySQL database servers. The threat appears to have been crafted by ill-minded developers who used the leaked source code of the Gh0st Rat threat as a basis. Details about Gh0stCringe RAT were brought to light in a report published by the ASEC analysis team.

Like most malware of this type, the Gh0stCringe RAT also allows its operators to perform various invasive actions on the infiltrated machines. The RAT establishes a communication channel with the Command-and-Control server of the operations and waits for suitable commands to define its behavior. Researchers have identified 7 such settings that govern the exact activities performed by the threat. One of the commands tells the Gh0stCringe RAT to activate a keylogging routine on the device. Via keylogging, the attackers may attempt to obtain sensitive or confidential account credentials, security passwords and other critical information.

So far, the Gh0stCringe RAT has been observed to be deployed on targets with faulty or weak security. This conclusion is supported by the fact that on the devices infected by the threat, researchers found traces of previous breaches involving crypto-miners. RAT threats are considered to be more threatening significantly, and organizations should make the necessary efforts to the chances of such threats slipping in.


Most Viewed