You are here

NCCIC Analysis Report – Quasar Open Source Remote Administration Tool

NCCIC Analysis Report – Quasar Open Source Remote Administration Tool

Created: Tuesday, December 18, 2018 - 16:08
Categories:
Cybersecurity

The NCCIC has published an Analysis Report on the Quasar, a legitimate open source remote administration tool (RAT), has been observed being used maliciously by Advanced Persistent Threat (APT) actors to facilitate network exploitation. This Analysis Report provides information on Quasar’s functions and features, along with recommendations for preventing and mitigating Quasar activity.  providing technical information based on samples of the malware and the techniques that were employed. The indicators of compromise identified in Analysis Reports are entered automatically into DHS’s Cyber Information Sharing and Collaboration Program (CISCP) information feed. WaterISAC members can have seamless access to the CISCP information feed via Perch. NCCIC/US-CERT.