Quasar

Quasar is a remote access trojan is used by attackers to take remote control of infected machines. It is written using the .NET programming language and is available to a wide public as an open-source project for Microsoft Windows operating systems, making it a popular RAT featured in many attacks.

Known Variants

Quasar RAT (customizable open-source tool)

Mitigation Strategies

Quasar is an open-source RAT that can be customized by attackers for specific targets. Organizations should restrict the use of remote administration tools and ensure that all remote access sessions are logged and monitored. Outbound traffic should be scrutinized for unusual connections, especially to known malicious IP addresses. Endpoint detection and response (EDR) solutions must be configured to detect remote access tools and unusual patterns of system activity.

Targeted Industries or Sectors

Quasar is often used to target government, energy, and educational institutions, where its remote access capabilities can be used for espionage and data exfiltration.

Associated Threat Actors

Quasar has been used by various cyber espionage groups, particularly those affiliated with nation-state actors.

References

Ready to uncover malware networks?

We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

Book your Demo Today

Ready to uncover malware networks?

We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

Book your Demo Today

Ready to uncover malware networks?

We can help you detect malware families and expose their hidden infrastructure blending into malicious networks and hosting providers.

Book your Demo Today

Hunt Intelligence, Inc.