{"id":164898,"date":"2023-05-31T22:25:49","date_gmt":"2023-06-01T03:25:49","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/05\/new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan"},"modified":"2023-05-31T22:25:49","modified_gmt":"2023-06-01T03:25:49","slug":"new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/05\/new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan","title":{"rendered":"New GobRAT Remote Access Trojan Targeting Linux Routers in Japan"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-gobrat-remote-access-trojan-targeting-linux-routers-in-japan2.jpg\"><\/a><\/p>\n<p>Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called <strong>GobRAT<\/strong>.<\/p>\n<p>\u201cInitially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,\u201d the JPCERT Coordination Center (JPCERT\/CC) <a href=\"https:\/\/blogs.jpcert.or.jp\/en\/2023\/05\/gobrat.html\" rel=\"noopener\" target=\"_blank\">said<\/a> in a report published today.<\/p>\n<p>The compromise of an internet-exposed router is followed by the deployment of a loader script that acts as a conduit for delivering GobRAT, which, when launched, masquerades as the Apache daemon process (apached) to evade detection.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. \u201cInitially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,\u201d the JPCERT Coordination Center (JPCERT\/CC) said in a report published today. The compromise of [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523,418],"tags":[],"class_list":["post-164898","post","type-post","status-publish","format-standard","hentry","category-computing","category-internet"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/164898","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=164898"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/164898\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=164898"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=164898"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=164898"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}