New: 2026 Gartner® Market Guide for Adversarial Exposure Validation
Learn More
Cymulate named a Customers' Choice in 2025 Gartner® Peer Insights™
Learn More
New Research: The Security Tradeoffs Behind AI Tooling
Learn More
An Inside Look at the Technology Behind Cymulate
Learn More
Book a Demo
Book a Demo

HiatusRAT Targets SOHO Routers

March 23, 2023

Business grade routers are being infected with the HiatusRAT Remote Access Trojan a variant of tcpdump to perform packing capturing and a bash script deployed post-exploitation. The malicious software opens a listener on port 8816 and sends sensitive information to command-and-control servers. Data collected includes system network and file information as well as information about the running processes on the infected device.

Featured Resources

View More Resources
image
blog

When a Web Search Becomes a Backdoor: Remote Code Execution in Codex CLI via Prompt Injection and Binary Hijacking on Windows

Ilan Kalendarov, Security Research Team LeadBen Zamir, Security ResearcherElad Beber, Security Researcher As AI coding agents gain deeper access to

Read More
image
Data Sheet

Cymulate Vero AI

Cymulate Vero AI delivers secure, domain-specific cybersecurity AI with private infrastructure and zero customer data training.

Read More
image
Data Sheet

Cymulate Threat Studio

Cymulate Threat Studio enables teams to build and customize attack simulations to validate defenses.

Read More