APT / THREAT GROUP
AsyncRAT
2
aliases
Last seen:Mar 17, 2026
Intelligence Profile
AsyncRAT is a Remote Access Tool (RAT) designed to remotely monitor and control other computers through a secure encrypted connection. It is an open source remote administration tool, however, it could also be used maliciously because it provides functionality such as keylogger, remote desktop control, and many other functions that may cause harm to the victim’s computer. In addition, AsyncRAT can be delivered via various methods such as spear-phishing, malvertising, exploit kit and other techniques.
Threat Analysis
AsyncRAT is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
Intelligence Reports Mentioning AsyncRAT
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
The Hacker News· Jul 1, 2026
The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign
Securelist (Kaspersky)· Jul 1, 2026
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Infosecurity Magazine· Jun 11, 2026
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
The Hacker News· Mar 6, 2026
External References
Quick Facts
TypeAPT / Threat Group
Aliases2
Also Known As
AsyncRATwin.asyncrat
External Intelligence
Malpedia: win.asyncratResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.