Today > vulnerabilities   -   You can now download lists of IOCs here!

Python RAT with a Nice Screensharing Feature

Nov. 5, 2024, 12:33 p.m.

Description

A Python Remote Access Trojan (RAT) with advanced capabilities, including a notable screensharing feature, has been discovered. The RAT, based on a two-year-old script, has a low detection rate on VirusTotal. It offers numerous functions to control the victim's computer, such as shell access, webcam control, and registry manipulation. The screensharing feature utilizes the 'vidstream' Python library, enabling real-time viewing of the victim's screen. A proof-of-concept demonstrated the RAT's ability to stream the victim's screen to the attacker's computer. This exemplifies Python's growing popularity among attackers for creating sophisticated malware, even for Windows environments.

Date

Published: Nov. 5, 2024, 11:42 a.m.

Created: Nov. 5, 2024, 11:42 a.m.

Modified: Nov. 5, 2024, 12:33 p.m.

Indicators

1281b7184278f2a4814b245b48256da32a6348b317b83c440008849a16682ccb

Attack Patterns

Python RAT

T1569.002

T1021.001

T1059.006

T1552.001

T1120

T1553.002

T1115

T1547.001

T1056.001

T1113

T1562.001

T1016

T1070

T1518

T1082

T1057

T1105

T1083

T1055