Today > | 16 High | 29 Medium | 8 Low vulnerabilities   -   You can now download lists of IOCs here!

G700: The Next Generation of Craxs RAT

Nov. 4, 2024, 10:45 p.m.

Description

G700 RAT, an advanced variant of Craxs RAT, targets Android devices and cryptocurrency applications. It employs sophisticated techniques like privilege escalation, phishing, and malicious APK distribution to infiltrate devices. The malware bypasses authentication, captures sensitive data, and manipulates legitimate app functions, allowing attackers to perform illicit actions undetected. Developed in C# and Java, it exploits mobile app security gaps, intercepts SMS messages, abuses Android permissions, and hijacks crypto transactions. G700 RAT uses persistence and obfuscation techniques, including Base64 encoding and APK encryption, to evade detection. Distributed through darkweb forums and Telegram channels, it poses a growing threat to device security, especially in cryptocurrency and financial environments.

Date

Published: Nov. 4, 2024, 10:11 p.m.

Created: Nov. 4, 2024, 10:11 p.m.

Modified: Nov. 4, 2024, 10:45 p.m.

Indicators

dcdf640e0eef93ff9708e73c461d98f30433770edd2a92f603c8e66f23cf77c1

65ad213f9c6403308cbc805ebe122e08c52c8d21d1b4f8efd0f406e2d448bdef

313804ea8fda918ff8a909f2367e903b030c3aa305e320d20a865fd6b19d062b

Attack Patterns

G700 RAT

Craxs RAT

T1108

T1171

T1548.002

T1548

T1095

T1548.003

T1573

T1496

T1071

T1219

T1204

T1027

T1056

T1566

T1068

T1003

Additional Informations

Finance

British Indian Ocean Territory

India