HiatusRAT Targets SOHO Routers
Business grade routers are being infected with the HiatusRAT Remote Access Trojan a variant of tcpdump to perform packing capturing and a bash script deployed post-exploitation.
The malicious software opens a listener on port 8816 and sends sensitive information to command-and-control servers.
Data collected includes system network and file information as well as information about the running processes on the infected device.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe