New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now
Come meet us at Black Hat USA 2025 | Booth 1640
Book a Meeting
Book a Demo
Book a Demo

HiatusRAT Targets SOHO Routers

March 23, 2023

Business grade routers are being infected with the HiatusRAT Remote Access Trojan a variant of tcpdump to perform packing capturing and a bash script deployed post-exploitation. The malicious software opens a listener on port 8816 and sends sensitive information to command-and-control servers. Data collected includes system network and file information as well as information about the running processes on the infected device.

Featured Resources

image
blog

AI Threat Detection: Supercharging Cyber Defenses with Intelligence & Scale 

Security teams face an onslaught of ever-evolving threats, bloated alert queues and sprawling attack surfaces.   Manual detection and periodic pen

Read More
cymulate blog
Data Sheet

Automated Exposure Mitigation 

Go beyond validation with automated threat mitigation. Test, detect, and block threats daily to optimize prevention and harden defenses.

Read More
cymulate blog article
blog

Achieve NIS2 Compliance with Security Control Validation 

The original 2016 Network and Information Systems (NIS) Directive aimed to build cybersecurity capabilities across the European Union (EU), mitigate

Read More