Krasue

Malware updated 25 days ago (2024-08-14T10:07:20.909Z)
Krasue is a newly discovered malware that specifically targets Linux systems. Identified by cybersecurity researchers at Group-IB, it has been found to focus primarily on telecom companies in Thailand. As with most malware, Krasue enters systems without the user's knowledge, typically through suspicious downloads, emails, or websites, and then seeks to exploit and damage the infected system.

The Krasue Linux RAT (Remote Access Trojan) represents a significant threat to the targeted organizations. Once embedded within a system, it can steal sensitive information, disrupt operations, and potentially hold data hostage for ransom. This poses considerable risks for the affected telecom firms, potentially leading to substantial financial loss and operational disruption.

There are links between Krasue and XorDdos, another malicious program known for its damaging capabilities. The connection suggests that the same or similar threat actors might be behind both pieces of malware. Given the potential impact of Krasue, it is crucial for organizations, particularly those within the telecom sector in Thailand, to take proactive measures to secure their systems against such threats.
Description last updated: 2024-08-14T08:50:02.697Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names and profiles you may also want to look at.
ID; Votes; Profile Description
XorDdos; 4; XorDdos is a malicious software (malware) that was discovered by Microsoft in 2014 and has been widely used in attacks against cloud and Internet of Things (IoT) deployments. The Linux Trojan targets Linux devices, causing disruptions and potentially stealing sensitive information. It has been linke
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Trojan
Linux
Malware
Rootkit
Rat
Exploit
Vulnerability
Associated Threat Actors
ID; Type; Votes; Profile Description
Diamorphine; Unspecified; 2; Diamorphine is a threat actor, a human entity or group with malicious intent, that has been identified as using sophisticated techniques to compromise system security. This actor utilizes open-source rootkits available on GitHub, namely Diamorphine and Reptile, to infiltrate supported systems. These
Source Document References
Information about the Krasue Malware was read from the documents corpus below.
Source; Created; Title
Securityaffairs; a month ago; SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Securityaffairs; a month ago; security-affairs-malware-newsletter-round-5
CERT-EU; 9 months ago; New XorDdos-Linked Linux RAT Krasue Targeting Telecom Firms
Securityaffairs; 2 months ago; Security Affairs Malware Newsletter - Round 3
Securityaffairs; 2 months ago; Security Affairs Malware Newsletter - Round 2
Securityaffairs; 2 months ago; Security Affairs Malware Newsletter - Round 1
Securityaffairs; 2 months ago; Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 3 months ago; Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 3 months ago; Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 3 months ago; Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 4 months ago; Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 4 months ago; Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 5 months ago; Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs; 5 months ago; Security Affairs newsletter Round 466 by Pierluigi Paganini
Securityaffairs; 5 months ago; Security Affairs newsletter Round 465 by Pierluigi Paganini
Securityaffairs; 5 months ago; Security Affairs newsletter Round 464 by Pierluigi Paganini
Securityaffairs; 6 months ago; Security Affairs newsletter Round 463 by Pierluigi Paganini
Securityaffairs; 6 months ago; Security Affairs newsletter Round 462 by Pierluigi Paganini
CERT-EU; 6 months ago; Cyber Security News Weekly Round-Up : Vulnerabilities & Cyber Attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting