
Researchers Uncover New Lazarus Group Malware Details
August 24, 2023 · After gaining initial access, researchers observed the threat group execute a malicious binary and use the curl command to deploy QuiteRAT. This remote access trojan was previously discovered in February, but further details about this malware have not been divulged before this campaign.
Lazarus Group exploits ManageEngine vulnerability to deploy QuiteRAT
August 24, 2023 · QuiteRAT is a fairly simple remote access trojan (RAT). It consists of a compact set of statically linked Qt libraries along with some user-written code. The Qt framework is a platform for developing cross-platform applications. However, it is immensely popular for developing Graphical User Interface in applications.
QuiteRAT (Malware Family) - Fraunhofer
QuiteRAT is a simple remote access trojan written with the help of Qt libraries. After sending preliminary system information to its C&C server, it expects a response containing either a supported command code or an actual Windows command (like systeminfo or ipconfig with parameters) to execute.
QuiteRAT Malware Removal - How To Fix Guide
August 29, 2023 · QuiteRAT is identified as a Remote Access Trojan (RAT), constituting malicious software. Its primary purpose is to facilitate remote access and control over compromised systems. Emerging in early 2023, QuiteRAT has been attributed to the Lazarus Group, a threat entity reportedly supported by North Korea.
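QuiteRAT Linked to North Korean APT Lazarus - Cyclonis
August 28, 2023 · Both share the same capabilities, such as executing arbitrary commands on the infected system. In addition to QuiteRAT, researchers also discovered another Lazarus Group threat named "CollectionRAT". This new threat has standard remote access trojan (RAT) capabilities, including the ability to execute arbitrary commands on infected systems.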
This security loophole was leveraged to deploy a remote access trojan (RAT) known as QuiteRAT. In addition to deploying the QuiteRAT malware, the Lazarus Group has introduced a new malware named CollectionRAT. Exhibiting conventional RAT capabilities, CollectionRAT enables the execution of arbitrary commands on compromised systems.
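QuiteRAT Linked to North Korean APT Lazarus - Cyclonis
August 28, 2023 · In February of this year, the attackers began exploiting this vulnerability to deploy a more sophisticated piece of malware, which Cisco Talos researchers labelled QuiteRAT. Although it shares some characteristics with other Lazarus malware strains, QuiteRAT is designed to be harder for defenders to analyze and detect. The hackers also used open-source tools and frameworks in the initial phase of the attack. The malware enables the hackers to collect information from infected devices and has a feature that lets it stay dormant for a specified period, ensuring its covert presence on the compromised network. Unlike its predecessor MagicRAT, QuiteRAT is smaller, …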
QuiteRAT - Threat Group Cards: A Threat Actor Encyclopedia - ETDA
(Talos) QuiteRAT is a fairly simple remote access trojan (RAT). It consists of a compact set of statically linked Qt libraries along with some user-written code. The Qt framework is a platform …
QuiteRAT Removal Report - EnigmaSoft Ltd
QuiteRAT empowers the hackers to amass information from the compromised device. The threat also is equipped with a function that enables it to enter a 'sleep' mode for pre-defined durations, facilitating the concealment of its presence within a compromised network.
QuiteRat - Cyberbit
In our latest Campaign of the Month, we dive into a newly discovered attack vector by the Lazarus Group, exploiting a critical vulnerability in the Zoho ManageEngine Service Desk Plus (CVE-2022-47966) using a Remote Access Trojan (RAT) dubbed ‘QuiteRAT’