Skip to main content
  1. Home
  2. Computing
  3. News

This dangerous hacking tool is now on the loose, and the consequences could be huge

By

A dangerous post-exploitation toolkit, first used for cybersecurity purposes, has now been cracked and leaked to hacking communities.

The toolkit is being shared across many different websites, and the potential repercussions could be huge now that it can fall into the hands of various threat actors.

Brute Ratel logo.
Bleeping Computer

This could be bad. The post-exploitation toolkit in question, called Brute Ratel C4, was initially created by Chetan Nayak. Nayak is an ex-red teamer, meaning that his job included attempting to breach the securities of a given network, which was being actively defended by those on the blue team. Afterward, both teams discuss how it went and whether there are some security flaws to improve upon.

Recommended Videos

Brute Ratel was created for that exact purpose. It was made for “red teamers” to use, with the ultimate purpose of being able to execute commands remotely on a compromised network. This would then grant the attacker access to the rest of the network in an easier way.

Related

Cobalt Strike is seen as a similar tool to Brute Ratel, and that tool has been heavily abused by ransomware gangs, which is why it’s fairly easy to detect. Brute Ratel has not been quite as widely spread up until now, and it has a licensing verification system that mostly kept the hackers at bay. Nayak is able to revoke the license of any company found to be fake or misusing the tool.

Unfortunately, that’s now a thing of the past, because a cracked version of the tool started to circulate. It was first uploaded to VirusTotal in its uncracked state, but a Russian group called Molecules was able to crack it and entirely remove the licensing requirement from it. This means that now, any potential hacker can get their hands on it if they know where to look.

Will Thomas, a cyber threat intelligence researcher, published a report on the cracked version of the tool. It has already spread to many English and Russian-speaking communities, including CryptBB, RAMP, BreachForums, Exploit[.]in, Xss[.]is, and Telegram and Discord groups.

Person typing on a computer keyboard.

“There are now multiple posts on multiple of the most populated cybercrime forums where data brokers, malware developers, initial access brokers, and ransomware affiliates all hang out,” said Thomas in the report. In a conversation with Bleeping Computer, Thomas said that the tool works and no longer requires a license key.

Thomas explained the potential dangers of the tech, saying, “One of the most concerning aspects of the BRC4 tool for many security experts is its ability to generate shellcode that is undetected by many EDR and AV products. This extended window of detection evasion can give threat actors enough time to establish initial access, begin lateral movement, and achieve persistence elsewhere.”

Knowing that this powerful tool is out there, in the hands of hackers who should never have gained access to it, is definitely scary. Let’s hope that antivirus software developers can tighten the defenses against Brute Ratel soon enough.

Editors’ Recommendations

Topics
Monica J. White
Monica J. White
Computing Writer
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more
HP printers are heavily discounted in Best Buy’s flash sale
The HP - OfficeJet Pro 8034e Wireless All-In-One Inkjet Printer on a desk with a smartphone.

There’s good news in store if you’re looking to land a new printer at a discount this weekend. Best Buy is having a 48-hour flash sale on HP printers, with several that can compete with the best printers seeing some good prices. HP is almost always one of the best laptop brands, and it’s one of the same when it comes to printers. So if you’re looking for a new home or office printer, read onward on how to save on an HP printer at Best Buy.
HP DeskJet 2755e — $60, was $85

The HP DeskJet 2755e is a good entry-level printer. It’s got you covered if your printing needs are pretty basic, or if you don’t need to print in mass. This is a color InkJet printer, which makes it good for almost all uses. It can also make copies and scan in color, and it has mobile and wireless printing functionality. You can get set up quickly and easily with the HP Smart app that guides you through the setup process, and you can also use this app to print, scan and copy documents from your phone.

Read more
This tiny ThinkPad can’t quite keep up with the MacBook Air M2
Lenovo ThinkPad X1 Nano Gen 3 rear view showing lid and logo.

While the laptop industry continues to move toward 14-inch laptops and larger, the 13-inch laptop remains an important category. One of the best is the Apple MacBook Air M2, with an extremely thin and well-built chassis, great performance, and incredibly long battery life.

Lenovo has recently introduced the third generation of its ThinkPad X1 Nano, one of the lightest laptops we've tested and a good performer as well. It's stiff competition, but which of these two diminutive laptops stands apart?
Specs and configurations

Read more