Sakura RAT Released on GitHub: Bypasses AV and EDR Protections
Cybersecurity researchers have uncovered a new remote access trojan (RAT) called Sakura RAT on GitHub, with advanced capabilities that potentially bypass antivirus and EDR systems. This sophisticated malware grants attackers full control over compromised systems while remaining undetected, using features such as a hidden browser function, HVNC for accessing hidden virtual desktops, and fileless execution techniques. Operating on a client-server model, Sakura RAT establishes command and control channels for communication with infected systems. The discovery of such advanced tools on public code repositories like GitHub raises significant concerns in the cybersecurity community.

To counter this threat, experts recommend implementing application allowlisting, deploying modern EDR solutions, keeping systems updated, using behavior-based detection, and providing employee training to recognize phishing attempts. Organizations are also advised to enhance their monitoring capabilities to detect signs of RAT infections, including unusual network connections and unauthorized remote access attempts.