New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Meet the team at Infosecurity Europe 2025
Book a Meeting

Chaos RAT Added To Linux Cryptocurrency Mining Attacks

December 15, 2022

A cryptocurrency mining operation was discovered incorporating the Chaos Remote Administrative Tool into its arsenal. The malicious software alters the crontab file to maintain persistence and downloads an XMRig miner onto infected devices. To remain active and spread to as many devices as possible the main downloader script and further payloads are hosted in different locations.