Noodle RAT: The Sneaky Malware Feast China’s Hackers Have Been Serving Since 2016

Noodle RAT, a cross-platform malware, has been used by Chinese threat actors since at least 2016. Misclassified as variants, it’s now identified as entirely new. Both Windows and Linux versions share command-and-control code but serve different hacking groups. It highlights the commercial malware supply chain in China’s cyber espionage ecosystem.

3P
Published: June 13, 2024 6:39 amAdded: June 12, 2024 at 11:51 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like the Chinese cyber espionage buffet just added a new dish: Noodle RAT. Serving up a spicy blend of espionage and cybercrime since 2016, this malware is here to noodle around in your systems!

Key Points:

  • Noodle RAT is a newly identified cross-platform malware used by Chinese-speaking threat actors.
  • It comes in both Windows and Linux variants, active since at least July 2016.
  • The malware has connections to other notorious tools like Gh0st RAT, PlugX, and ShadowPad.
  • Its Windows version is used by groups like Iron Tiger and Calypso, while the Linux version is linked to Rocke and Cloud Snooper.
  • Noodle RAT is likely sold and distributed within a sophisticated cyber espionage supply chain.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?