A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years.
While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this backdoor is not merely a variant of existing malware, but is a new type altogether."
Noodle RAT, which also goes by the monikers ANGRYREBEL and Nood RAT, comes in both Windows and Linux flavors, and is believed to have been put to use since at least July 2016.
The remote access tran Gh0st RAT first surfaced in 2008 when a China threat group called the C. Rufus Security Team made its source code publicly available.
Over the years, the malware – alongside other tools like PlugX and ShadowPad – has become a hallmark of Chinese government hackers, who have used it in numerous campaigns and attacks. Read More..