Spectre RAT is a remote access Trojan that can perform numerous harmful activities on the computers it manages to infect. The threat can add the compromised device to a botnet and use the combined power of the enslaved devices to carry out spam email campaigns or conduct DDoS (Distributed Denial-of-Service) attacks.
Specter RAT has powerful information-stealing capabilities. It can obtain sensitive private data such as stored passwords, browsing history, autofill data, and cookies from Chrome, Firefox, and Edge. Specifically from Chrome and Edge, Specter RAT can also attempt to extract stored credit/debit card details. The data-gathering abilities of the threat also include taking screenshots, obtaining system data, locating files and exfiltrating them, as well as initiating keylogging routines.
Specter RAT has also been equipped with a Clipper/Swapper function. This technique targets users who often need to transfer cryptocurrencies between different wallets. The threat will substitute the wallet address saved in the system's clipboard with one under the control of the hackers. As a result, the transferred funds will be rerouted and placed in the hackers' wallets. So far, Specter has been observed to target the Bitcoin, Ethereum, and Monero cryptocurrencies.
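A defender-side illustration of the clipboard substitution described above, added here and not taken from the original page or any vendor tooling: it scans a sequence of clipboard snapshots and flags a wallet address that is replaced by a different address of the same currency within a short interval. The address patterns are approximate shape checks (no checksum validation), and the 2-second window, the event format and all sample values are assumptions constructed for the example.

```python
import re

# Approximate address shapes for the three currencies the page names.
# Assumption: shape checks only, checksums are not validated.
PATTERNS = {
    "bitcoin": re.compile(r"[13][1-9A-HJ-NP-Za-km-z]{25,34}|bc1[02-9ac-hj-np-z]{11,71}"),
    "ethereum": re.compile(r"0x[0-9a-fA-F]{40}"),
    "monero": re.compile(r"[48][0-9AB][1-9A-HJ-NP-Za-km-z]{93}"),
}

def classify(text):
    """Return the currency whose address shape the clipboard text matches, else None."""
    text = text.strip()
    for coin, pattern in PATTERNS.items():
        if pattern.fullmatch(text):
            return coin
    return None

def find_swaps(events, window=2.0):
    """events: list of (timestamp_seconds, clipboard_text) in time order.
    Flags an address overwritten by a different address of the same currency
    within `window` seconds, which a user copying by hand rarely produces."""
    alerts = []
    prev = None  # (time, coin, address) of the last address seen on the clipboard
    for t, text in events:
        coin = classify(text)
        if coin is None:
            prev = None  # unrelated clipboard content breaks the sequence
            continue
        addr = text.strip()
        if prev and prev[1] == coin and prev[2] != addr and t - prev[0] <= window:
            alerts.append({"time": t, "coin": coin, "copied": prev[2], "replaced_by": addr})
        prev = (t, coin, addr)
    return alerts

# Constructed sample data: these are placeholder strings, not real wallets.
ETH_A, ETH_B = "0x" + "a" * 40, "0x" + "b" * 40
BTC_A, BTC_B = "1" + "A" * 33, "1" + "B" * 33
XMR_A = "4A" + "B" * 93
SAMPLE_EVENTS = [
    (0.0, "meeting notes"),
    (10.0, ETH_A), (10.4, ETH_B),      # replaced 0.4 s after the copy: flagged
    (60.0, BTC_A), (300.0, BTC_B),     # minutes apart: treated as a normal second copy
    (400.0, XMR_A), (400.2, XMR_A),    # same address re-copied: not a swap
]

if __name__ == "__main__":
    for alert in find_swaps(SAMPLE_EVENTS):
        print(alert)
```

The same comparison can be applied manually: check the pasted address against the intended one before confirming a transfer.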
Through Specter, the threat actor can also deploy additional malicious payloads to the infected device.