HOMETHREATSCrimson RAT
MALWARE FAMILY

Crimson RAT

Internal ID: win.crimson
1
aliases
Last seen:Mar 17, 2026

Intelligence Profile

It was first discovered in 2017 and has since been used to attack organizations around the world. The malware is often distributed through phishing emails or by exploiting vulnerabilities in outdated security software. Once Crimson RAT is installed on a computer, it can be used to steal data, spy on users, and even take control of the infected computers.

Some of the features of Crimson RAT include:

Remote control of infected computers

Data theft, such as passwords, files, and emails

User spying

Takeover of infected computers

Locking of infected computers

Extortion of payments

Threat Analysis

Crimson RAT is a malware family tracked by threat intelligence researchers and catalogued in the Malpedia dataset. It represents a distinct malicious software lineage with identifiable code characteristics, behaviors, and victimology.

External References

Quick Facts

TypeMalware Family
Aliases1

Also Known As

win.crimson

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
Crimson RAT — Malware Family | Threat Intelligence | CTIWATCH.COM