CrystalX RAT: new malware steals data and plays pranks on infected victims
Security researchers have identified a new malware-as-a-service offering called CrystalX RAT. The program combines remote access functions, information theft, keystroke capture and cryptocurrency address replacement. Kaspersky specialists observed the tool being promoted since January 2026 through dedicated Telegram channels and demonstration videos on YouTube.
CrystalX RAT operates on a tiered subscription model that lets anyone interested buy access for a fee. The platform includes a control panel with a simple interface and a configurable automated builder. This structure makes it easy to adapt the malware to different operations.
- Geoblocking to restrict targets by region
- Anti-debugging techniques and virtual machine detection
- Proxy detection and techniques that hinder analysis
These anti-analysis options increase the tool's appeal among users with varying levels of technical skill.
Remote access and spying features
The remote control module can execute commands in the Windows command interpreter, upload and download files, and explore the infected machine's system. Operators can also view the screen in real time over a VNC connection.
Audio and video capture takes place through the device's microphone and camera. During shared access, the panel offers buttons to block user input, which prevents interference while the attacker performs actions. The keylogger records every keystroke and sends the data in real time to the command server.
The CrystalX RAT infostealer targets Chromium-based browsers, including versions of Chrome, as well as Yandex and Opera. Harvesting extends to applications such as Steam and Telegram. The credential theft module is currently disabled temporarily, pending a future update.
Clipper mechanism and data protection in transit
The clipper component monitors the clipboard for cryptocurrency wallet address patterns. When it detects a match, it automatically replaces the contents with attacker-controlled data. The swap happens without the victim noticing the change at the time of the transfer.
Payloads generated by the builder are compressed with zlib and encrypted with the ChaCha20 algorithm. Communication with the command-and-control server uses the WebSocket protocol, which maintains a persistent, bidirectional connection. On first connection, the malware sends information about the infected system for tracking.
Prankware features set CrystalX RAT apart
The large set of disruptive functions is CrystalX RAT's main difference from similar malware available on the market. Users of the tool can change the desktop wallpaper and flip the screen orientation. Other actions include swapping the mouse buttons, disabling the keyboard and monitor, or forcing the computer to shut down.
The panel can send messages that open an interactive dialog window, enabling direct chat between attacker and victim. In addition, it is possible to hide the desktop icons, the taskbar, Task Manager and Command Prompt. The mouse cursor can also be controlled remotely.
These prankware features serve both to attract less experienced customers and to distract the user while other modules run in the background. The combination of pranks and data theft produces a tool that suits different cybercriminal profiles.
Similarities to earlier malware and rebranding
Analysts noted strong similarities between CrystalX RAT and WebRAT, also known as Salat Stealer. Both share a similar design, code written in the Go language, and an automated sales system that uses bots. After criticism about the copy, those responsible changed the visual identity and renamed the tool.
Promotion has moved to a new Telegram channel, which includes access-key giveaways and polls to engage the audience. In parallel, a dedicated YouTube channel publishes videos showing the features in action. This strategy extends reach beyond traditional underground forum circles.
Current distribution and reach of the malware
So far, the infection attempts observed have mainly targeted Russia. However, the malware-as-a-service model imposes no regional restrictions, which allows CrystalX RAT to target users in any country. Researchers have not yet determined the exact infection vector used to distribute the payloads.
The lack of precise information about the initial delivery method makes it hard to develop specific preventive measures quickly. Users should keep operating systems and applications up to date, and adopt reliable security solutions that detect remote access attempts and unauthorized changes.
Technical details of the anti-analysis protections
The automated builder includes advanced anti-analysis options that raise the bar for security researchers. Among them are stealth patches that bypass system protection functions and anti-attach loops that prevent debugging. These technical layers protect the malware during distribution and initial execution.
The persistent communication protocol allows stolen data to be sent continuously without periodic reconnection. This architecture supports stable operation even in environments with variable connectivity.
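A hunting heuristic for the persistent WebSocket channel described here and in the section on data protection in transit, added as an example and not taken from the researchers' report: it scores recorded network sessions on traits the article attributes to the channel (WebSocket, long-lived, carrying data outward). The session fields, the process allow-list, the thresholds and the hostnames are assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass

# Processes expected to hold WebSocket sessions on this (assumed) fleet.
EXPECTED_WS_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "teams.exe"}

@dataclass
class Session:
    host: str
    process: str
    dest: str
    upgraded_to_ws: bool   # HTTP "Upgrade: websocket" was observed
    duration_s: int
    bytes_out: int
    bytes_in: int

def score(s, min_duration=3600):
    """Return the reasons a session resembles a persistent exfiltration channel."""
    if not s.upgraded_to_ws:
        return []
    reasons = []
    if s.process.lower() not in EXPECTED_WS_CLIENTS:
        reasons.append("websocket from unexpected process")
    if s.duration_s >= min_duration:
        reasons.append("long-lived connection")
    if s.bytes_out > s.bytes_in:
        reasons.append("more data sent than received")
    return reasons

def hunt(sessions, threshold=2):
    """Return (host, process, dest, reasons) for sessions meeting the threshold."""
    return [(s.host, s.process, s.dest, r)
            for s in sessions if len(r := score(s)) >= threshold]

# Constructed proxy/EDR session records.
SAMPLE_SESSIONS = [
    Session("ws-004", "chrome.exe", "chat.example.test", True, 7200, 40_000, 900_000),
    Session("ws-017", "updater.exe", "cdn.example.test", True, 86400, 5_000_000, 20_000),
    Session("ws-022", "backup.exe", "files.example.test", False, 9000, 9_000_000, 1_000),
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_SESSIONS):
        print(hit)
```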
CrystalX RAT gives its operators a complete toolset, from full control of the machine to silent exfiltration of detailed information. The inclusion of visual and interactive disruptive functions adds an unusual layer to the current commercial malware ecosystem.