Atroposia malware-as-a-service remote access trojan activity
Malware Activity
Summary
Hide ▲
Show ▼
The Atroposia platform now offers a remote access trojan that gives buyers persistent access, evasion, data theft, and local vulnerability scanning on Windows systems. The $200 monthly MaaS lowers the barrier for cybercriminals to run a modular malware operation with built-in credential theft, clipboard theft, and DNS hijacking.
Related Happenings
Atroposia RAT modular toolkit promoted on underground forums
Malware Activity
First: 29.10.2025 13:15
Last: 29.10.2025 13:15
Sources 1
About this happening:
A new **Atroposia RAT** activity has surfaced as a **modular criminal toolkit** promoted on underground forums, increasing the risk of **credential theft** and **unauthorized remo...
Atroposia RAT modular toolkit promoted on underground forums
Malware ActivityAbout this happening: A new **Atroposia RAT** activity has surfaced as a **modular criminal toolkit** promoted on underground forums, increasing the risk of **credential theft** and **unauthorized remo...
Timeline
-
28.10.2025 15:15 1 articles · 7mo ago
Varonis identifies Atroposia modular RAT service for Windows
Initial DisclosureResearchers at Varonis identify Atroposia as a new malware-as-a-service platform that offers cybercriminals a modular remote access trojan for Windows systems. The service is sold for a $200 monthly subscription and combines encrypted command-and-control, UAC bypass, hidden remote desktop, file system control, data exfiltration, credential theft, clipboard theft, cryptocurrency wallet theft, DNS hijacking, and a local vulnerability scanner that checks missing patches, unsafe settings, and outdated software versions.
Show sources
- New Atroposia malware comes with a local vulnerability scanner — www.bleepingcomputer.com — 28.10.2025 15:15