Original release date: December 18, 2018 Summary Quasar, a legitimate open-source remote administration tool (RAT), has been observed being used maliciously by Advanced Persistent Threat (APT) actors to facilitate network exploitation. This Analysis Report provides information on Quasar’s functions and features, along with recommendations for preventing and mitigating Quasar activity. Description Quasar is a publically available, open-source RAT for Microsoft Windows operating systems (OSs) written in the C# programming language. Quasar is authored by GitHub user MaxXor and publicly hosted as a GitHub repository. While the tool can be used for legitimate purposes (e.g., an organization’s helpdesk technician remotely accessing an employee’s laptop), the Cybersecurity and Infrastructure Security Agency (CISA), is aware of APT actors using Quasar for cybercrime and cyber-espionage campaigns. Quasar was first released in July 2014 as “xRAT 2.0.” In August 2015, xRAT was renamed “Quas...
Comments
Post a Comment