26 February 2024

WISE REMOTE Trojan: Infostealer, RAT, DDoS Bot, and Ransomware

According to a report dated 11 July 2023, a new infostealer and remote access trojan called Wise Remote has been discovered in operation. This malware is unusual in that it acts as an infostealer, a remote access trojan (RAT), a distributed denial of service (DDoS) bot and ransomware. It currently operates as malware as a service and was discovered in operation from June 2023. Its developers are regularly improving it and it has effective support and marketing on the dark web.

The existing capabilities of WISE REMOTE Stealer are :

Systematic collection of extensive system information, providing cybercriminals with a wealth of valuable data.
Creation of a potent reverse shell, granting complete remote access and control over the compromised system.
Facilitation of additional malicious file downloads and executions, enabling expansion of the attack surface.
Extraction of critical data from web browsers, encompassing saved passwords, cookies, banking credentials, bookmarks, browsing history, and installed extensions, resulting in a treasure trove of personal information.
Theft of funds from unsuspecting victims’ cryptocurrency wallets, inflicting significant financial damage.
Seamless covert operation, opening and interacting with websites undetected, masquerading as legitimate user activity.
Stealthy capture of screenshots, potentially compromising sensitive and confidential information.
Utilization of the AppData folder as a discreet repository for surreptitiously uploaded files.
Empowerment of attackers to customize and tailor malicious agents and modules to suit specific targets and preferred attack vectors.
Camouflaging its tracks by manipulating system logs, erasing any trace of malicious activities, evading detection.

For DDoS, WISE REMOTE has a powerful control panel that gives unprecedented monitoring and control over a vast network of up to 10,000 infected machines.