CyberGate RAT Mimic as Dorks Tool to Attack Cybersecurity Professionals

Threat actors target a niche group of internet users, security researchers, penetration testers, and even cybercriminals.

The weapon of choice is malicious software known as CyberGate Remote Access Trojan (RAT), which has been lurking in the cyber realm for several years.

The latest twist in its deployment involves a cunning disguise, where the RAT is being distributed under the guise of a URL to a seemingly harmless Dork converter tool.

Understanding “Dorks” in Cybersecurity

For the uninitiated, “Dorks” are not the awkward characters from a high school drama but rather specialized search queries.

Document
Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
  • If you want to test all these features now with completely free access to the sandbox:

These queries are crucial for cybersecurity professionals and ethical hackers to discover vulnerable websites, sensitive data leaks, and hidden malware.

While Dorks serve as a force for good in the hands of defenders, enabling them to patch up security holes and protect data, they can also be wielded by malicious actors to exploit the same vulnerabilities.

Broadcom has recently reported that CyberGate RAT has been identified as masquerading as a Dork tool.

This RAT is a remote access Trojan that allows an attacker to gain unauthorized access to a computer system.

Symantec’s protection suite is designed to identify and neutralize the CyberGate RAT using a multi-layered approach:

CyberGate Remote Access Trojan (RAT) is disguised as a Dork tool, potentially allowing attackers to gain unauthorized access to targeted systems.

As the CyberGate RAT continues to mimic legitimate tools to infiltrate the cybersecurity community’s systems, awareness and advanced protection systems like those offered by Symantec are critical in safeguarding against such deceptive attacks.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

INE Security Alert: Expediting CMMC 2.0 Compliance

INE Security, a leading global provider of cybersecurity training and certifications, today announced a new…

13 hours ago

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a colleague…

3 days ago

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a grave…

3 days ago

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories…

3 days ago

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with a…

3 days ago

Beware of Fake Captcha Verifications Spreading Lumma Malware

In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA pages…

3 days ago