The Mastermind Behind CypherRAT and CraxsRAT
By Tom Donovan profile image Tom Donovan
3 min read

The Mastermind Behind CypherRAT and CraxsRAT

The research division at CYFIRMA has unearthed a novel Malware-as-a-Service (MaaS) entity, operating under the alias EVLF DEV. This particular threat actor has been identified as the architect behind the creation of CypherRAT and CraxsRAT. Over the past three years, these Remote Access Trojans (RATs) have been acquired by more

The research division at CYFIRMA has unearthed a novel Malware-as-a-Service (MaaS) entity, operating under the alias EVLF DEV. This particular threat actor has been identified as the architect behind the creation of CypherRAT and CraxsRAT. Over the past three years, these Remote Access Trojans (RATs) have been acquired by more than 100 unique threat actors, each obtaining a lifetime license. Engineered with precision, these RATs grant an attacker the capability to execute real-time commands remotely, thereby gaining control over the victim's device functionalities such as the camera, geographical location, and microphone. In the ensuing research report, we will delve into a comprehensive analysis of the MaaS operator and the sophisticated malware they have developed, shedding light on the underlying mechanisms and potential countermeasures to mitigate such threats.

By Tom Donovan profile image Tom Donovan
Updated on
Cybersecurity Members Only