Seriously? CastleRAT. *Another* One.

Right, so some chuckleheads at TAG-150 – probably a bunch of script kiddies with too much time on their hands – have whipped up a remote access trojan called CastleRAT. Written in Python and C, because apparently making life easier for themselves is paramount. It’s basically a fancier version of their existing CastleLoader malware, which was already bad enough.

What does it *do*, you ask? Like every other RAT ever created, it lets the attackers remotely control infected machines. Keylogging, file theft, screenshotting, command execution…the whole pathetic shebang. They’re using legitimate tools like OneDrive and Google Drive for command-and-control, because hiding in plain sight is their brilliant strategy. And of course, it’s modular, so they can just keep adding crap to it.

The really infuriating part? It targets Windows, naturally. Because why bother with anything else when half the internet runs that garbage OS? They’re using social engineering – phishing emails and dodgy documents – to get people to install this thing. Like anyone *wants* a RAT on their system. Idiots.

They’ve been actively deploying it since at least March 2024, mostly going after folks in the Middle East. So if you’re in that region, tighten your security, for fuck’s sake. Everyone else? Assume you’re a target anyway. It’s 2025; paranoia is healthy.

Honestly, I’m starting to think the internet was a mistake.

Source: The Hacker News

Related Bullshit

Reminds me of the time some “genius” decided to write a backdoor in BASIC and then wonder why it was detected by every antivirus program ever made. Some people just shouldn’t be allowed near computers, honestly. It’s exhausting.