: Often compiled using AutoIT scripts into PE executables.
Malware researchers at Triage and ANY.RUN have identified several suspicious behaviors associated with 888 RAT executions:
: It can harvest contacts, access SMS messages, and collect files or photos. 888Rat.rar
The file is a compressed archive containing 888 RAT , a well-known Remote Access Trojan (RAT) used for unauthorized surveillance and control of infected devices. Originally surfacing around 2018 as a tool for Windows, it has since evolved into a cross-platform threat capable of infecting Android and Linux systems. Capabilities and Impact
: Some versions include routines to steal login credentials, particularly for social media platforms like Facebook. Evolution and Distribution : Often compiled using AutoIT scripts into PE executables
Once executed, 888 RAT allows an attacker to remotely manage a victim's device through a Command-and-Control (C&C) server. Its capabilities are extensive and vary by platform:
: The malware is designed for active spying, including taking screenshots, recording audio/phone calls, and using the device's camera to take photos. Originally surfacing around 2018 as a tool for
888 RAT has gained notoriety due to its accessibility and use by various threat groups.