CloudedHope Linux RAT with anti-analysis and decoy behavior
Malware Activity
Summary
The CloudedHope malware family is being used as a Linux remote access Trojan (RAT) whose anti-analysis measures and decoy actions increase stealth for information theft and persistence operations. It is written in Golang and is described as a custom weapon for stealing intelligence from targeted environments. Its behavior matters because it can mislead defenders while remaining active on Linux systems.
Related Happenings
Mandiant free scanner script and YARA rules for Brickstorm on Linux and BSD appliances
Security Tool/Service
First: 24.09.2025 17:00
Last: 24.09.2025 17:00
Sources 1
About this happening:
Mandiant released a **free scanner script** and **YARA rules** to help defenders detect **Brickstorm** on **Linux and BSD appliances**. The release matters because these systems o...
Timeline
- 22.08.2025 23:52 · 1 article · 9mo ago
CloudedHope Linux RAT with anti-analysis and decoy behavior
Initial Disclosure
CloudedHope is a custom information-stealing malware family written in Golang and built for Linux systems. It functions as a remote access Trojan with anti-analysis measures and decoy actions, and it is described as part of the threat actor's toolset for stealing intelligence from targeted environments.
Sources
- Silk Typhoon Attacks North American Orgs in the Cloud — www.darkreading.com — 22.08.2025 23:52