Horus Eyes RAT (HE-RAT) is one of the latest tools used along with the recent ‘warsaw’ banking trojan circumventing security appliances
Horus Eyes is a multi-threaded, asynchronous RAT that can automate tasks and save their settings, lock the screen, hide visible windows
is a fully-fledged RAT (Remote Access Trojan) threat that is equipped with a vast array of threatening functionalities. The threat
The clandestine From the underground to criminals’ arsenal. Created 8 months ago by threatmanager; Public; TLP: White. Reference
The Horus Eyes RAT is a fully-fledged RAT (Remote Access Trojan) threat that is equipped with a vast array of threatening functionalities. The threat was initially sold on an underground hacker forum. However, after a couple of updates, its creator made the Trojan public by publishing it on GitHub. While on their YouTube channel, the Horus Eyes RAT’s author states that all of their software products are created for educational purposes, this seems quite insignificant when cybergangs have already started adding the RAT to their malware arsenals due to its potency.
The Horus Eyes RAT was created as a continuation from the previous threat of the same author named SPYBOXRAT. boasts a massively expanded set of capabilities that can make it a useful tool for almost any hacker gang regardless of their specific attack operations. The RAT can perform automated tasks, manipulate the file system on the compromised systems, fetch and deploy additional payloads, harvest sensitive information such as user credentials and browsing history, kill or pause select processes and much more.
The Horus Eyes RAT Employed in a Banking Trojan Attack
Having easy access to the code gives cybercriminals the opportunity to further customize the threat according to their particular needs. Indeed, a modified version of the Horus Eyes RAT has already been observed to be used as a second-stage payload alongside a previously unknown banking Trojan named Warsaw. The hackers relied on the Horus Eyes RAT to take over the infected systems and then obtain payment and banking credentials. The threat scanned any opened foreground windows and compared their names to a hardcoded list. The threat also collected various details about the system including usernames, OS versions, CPU architecture, computer name, etc.
As part of the newly added features, the hackers introduced a persistence mechanism via a Registry key that ensured the auto-start of the Trojan on every system boot. They also incorporated the Horus Eyes RAT into their infrastructure by making the threat capable of sending notifications to a Telegram account upon detecting certain user actions on the compromised device.
Remote Administration Tools are programs that allow particular kinds of actions from a local PC which means to control different kinds of tools. Our list includes the best RATs for Windows 10 and Windows 11 that are reliable and easy to use. Moreover, it can also be used for hacking reasons through which can clearly see which tool kind of tool can be used to control the desktop remotely.
Today due to technological advancement and deployment of equipment which is thousands of kilometers were no physical access there is a need to remotely connect to all in order to perform different tasks
There are so many advanced feature in this remote administration tool which are as following below
- Live webcam
- Remote desktop
- Get passwords
- Crypto miner
- Crypto stealer
- Victim Flag
- Live location
- System information
- File manager
- Run any file
- Run any script
- Download any file
- Upload any file
- Change desktop wallpaper
- Process checker
- Service checker
- Registry edit
- Host encryption
- Port encryption
- Change icon