kkRAT is a new Remote Access Trojan utilizing advanced evasion techniques, including a BYOVD exploit, to target Chinese-speaking users. It employs a unique encrypted communication protocol and steals cryptocurrency via clipboard hijacking, while also leveraging legitimate remote management tools for persistence. This multi-stage campaign demonstrates a high level of sophistication in its attack chain.
Latest mentioned: 09-12
Earliest mentioned: 09-11