216.73.216.133

From Gamer to Malware Developer: Exploring SilverRat and Its Syrian Roots

· Published 04/06/2025 20:39 · Modified 05/06/2025 01:19

Export JSON

Essential information

Published
04/06/2025 20:39
Modified
05/06/2025 01:19
Tags
2025-06-04 antivirus bypass hacking forums keylogger ransomware remote access trojan silver rat syrian developer telegram channels
Related entities
1 intrusion sets (apt), 12 techniques (mitre), 1 malware

Description

This analysis delves into the development and capabilities of , a created by a known as 'noradlb1'. The malware, initially observed in November 2023, offers features such as keylogging, UAC bypass, and data encryption. The developer, active on various , also operates offering cracked RATs and other malicious services. v1.0, written in C#, can generate Windows payloads up to 50kb and includes options to bypass antivirus software and hide processes. The developer's background suggests a transition from game hacking to malware creation, with plans to expand to Android platforms. The report also highlights the threat actor's online presence, financial transactions, and connection to hacktivist groups supporting the Syrian Revolution.

External references