From Gamer to Malware Developer: Exploring SilverRat and Its Syrian Roots

Description

This analysis delves into the development and capabilities of Silver RAT, a Remote Access Trojan created by a Syrian developer known as 'noradlb1'. The malware, initially observed in November 2023, offers features such as keylogging, UAC bypass, and data encryption. The developer, active on various hacking forums, also operates Telegram channels offering cracked RATs and other malicious services. Silver RAT v1.0, written in C#, can generate Windows payloads up to 50kb and includes options to bypass antivirus software and hide processes. The developer's background suggests a transition from game hacking to malware creation, with plans to expand to Android platforms. The report also highlights the threat actor's online presence, financial transactions, and connection to hacktivist groups supporting the Syrian Revolution.