Remote Access Trojan

Quasar RAT

First seen: 2014-01 • Status: active

Currently Active Threat

Quasar is a free remote access tool that was meant to be legitimate but is now used by hackers because anyone can download and modify it.

Overview

Quasar is an open-source RAT originally developed as a legitimate remote administration tool. It is widely abused by threat actors due to its availability and features.

Also Known As

QuasarRAT, xClient

How It Spreads

  • Phishing
  • Malicious downloads
  • Supply chain attacks

What It Does

  • Remote access
  • File management
  • Keylogging
  • Password recovery

Is your business exposed?

Target Platforms

Windows

Detection Tips

  • Monitor for Quasar signatures
  • Watch for suspicious .NET processes

MITRE ATT&CK Techniques

T1056, T1005, T1021

If You're Infected

  1. 1.

    Remove with antivirus

  2. 2.

    Audit remote access

Related Malware

Asyncrat, Njrat

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices