Remote Access Trojan
Crimson RAT
First seen: 2016-01 • Status: active
Currently Active Threat
Crimson RAT is a Pakistani hacking tool used to spy on India's government and military.
Overview
Crimson RAT is associated with Pakistani APT36 (Transparent Tribe). It targets Indian government and military.
Also Known As
SEEDOOR
How It Spreads
- • Spear-phishing
- • Malicious documents
What It Does
- • Espionage
- • Data theft
- • Keylogging
- • Screen capture
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for APT36 indicators
- • Watch for Pakistani targeting
MITRE ATT&CK Techniques
T1566, T1056, T1113
If You're Infected
- 1.
Engage government incident response
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required