Krasue

Malware updated 23 days ago (2024-11-29T14:52:22.070Z)
Krasue is a newly discovered malware that specifically targets Linux systems. Identified by cybersecurity researchers at Group-IB, this malicious software has been found to be primarily focused on telecom companies in Thailand. As with most malware, Krasue enters systems without the user's knowledge, typically through suspicious downloads, emails, or websites, where it then seeks to exploit and damage the infected system.

The Krasue Linux RAT (Remote Access Trojan) represents a significant threat to these targeted organizations. Once embedded within a system, it can steal sensitive information, disrupt operations, and potentially hold data hostage for ransom. This poses considerable risks for the affected telecom firms, potentially leading to substantial financial loss and operational disruption.

Interestingly, there are links between Krasue and XorDdos, another malicious program known for its damaging capabilities. The connection suggests that the same or similar threat actors might be behind both pieces of malware. Given the potential impact of Krasue, it's crucial for organizations, particularly those within the telecom sector in Thailand, to take proactive measures to secure their systems against such threats.
Description last updated: 2024-08-14T08:50:02.697Z
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
Alias Description | Votes
XorDdos is a possible alias for Krasue. XorDdos is a malicious software (malware) that was discovered by Microsoft in 2014 and has been widely used in attacks against cloud and Internet of Things (IoT) deployments. The Linux Trojan targets Linux devices, causing disruptions and potentially stealing sensitive information. It has been linke | 4
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Trojan
Linux
Malware
Rootkit
RAT
Exploit
Vulnerability
Associated Threat Actors
Alias Description | Association Type | Votes
The Diamorphine Threat Actor is associated with Krasue. Diamorphine is a threat actor identified in cybersecurity as an entity executing actions with malicious intent. This Linux kernel rootkit has been used to compromise systems by hiding processes and creating backdoors for stealth and root privileges. It downloads, compiles, and installs two open-sour | Unspecified | 2
Source Document References
Information about the Krasue Malware was read from the documents corpus below. This display is limited to 20 results.
Source | Created At
Securityaffairs | 4 months ago
Securityaffairs | 5 months ago
CERT-EU | a year ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 5 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 6 months ago
Securityaffairs | 7 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 8 months ago
Securityaffairs | 9 months ago
Securityaffairs | 9 months ago
Securityaffairs | 9 months ago
Securityaffairs | 9 months ago
CERT-EU | 9 months ago