
LimeRevenge RAT

Posted: November 15, 2019

Remote Access Trojans (RATs) are part of the toolkit of any experienced cybercriminal. There are countless variants to choose from, and threat actors can opt for free or expensive ones. Of course, the expensive RATs are better at staying hidden, and they often give their operators access to more features for extracting all sorts of data from the compromised host. One of the notorious RATs used by low-level crooks and high-profile threat actors alike is RevengeRAT. Recently, malware researchers came across a modified variant of RevengeRAT that has been given the name LimeRevenge RAT.

The LimeRevenge RAT appears to share portions of its code with RevengeRAT, but it also includes some features previously used in the njRAT Lime Edition. The same malware developer might be behind these threats, but there is no way to confirm this reliably. Apart from sharing significant similarities with two popular RAT families, the LimeRevenge RAT is not that spectacular in terms of functionality. It lacks any innovative features but, unfortunately, does an excellent job of providing its operator with access to all of the typical modules seen in popular RATs.

Operators of the LimeRevenge RAT can perform the following tasks on the compromised computer:

  • Browse the local files and delete, move, copy or download them.
  • Manage running processes and services.
  • Gather hardware and software details about the system.
  • Initiate a keylogger module.
  • Execute remote commands and PowerShell commands.

It is not clear whether the LimeRevenge RAT is a public or private tool, so it is best to assume that any cybercriminal has access to it. This means that the LimeRevenge RAT may be distributed by any means, and the best way to protect your computer is to invest in a reputable anti-virus software suite that monitors files and connections for suspicious behavior.
