{"id":10489,"date":"2025-07-16T12:37:12","date_gmt":"2025-07-16T05:37:12","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10489"},"modified":"2026-02-05T12:37:18","modified_gmt":"2026-02-05T05:37:18","slug":"su-troi-day-cua-asyncrat-va-nhung-nhanh-ma-doc-mang-tinh-tuy-bien-cao","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/07\/16\/su-troi-day-cua-asyncrat-va-nhung-nhanh-ma-doc-mang-tinh-tuy-bien-cao\/","title":{"rendered":"S\u1ef1 tr\u1ed7i d\u1eady c\u1ee7a AsyncRAT v\u00e0 nh\u1eefng nh\u00e1nh m\u00e3 \u0111\u1ed9c mang t\u00ednh t\u00f9y bi\u1ebfn cao"},"content":{"rendered":"

AsyncRAT, t\u1eebng l\u00e0 m\u1ed9t c\u00f4ng c\u1ee5 \u0111i\u1ec1u khi\u1ec3n t\u1eeb xa m\u00e3 ngu\u1ed3n m\u1edf \u0111\u01a1n gi\u1ea3n, nay \u0111\u00e3 bi\u1ebfn th\u00e0nh m\u1ed9t h\u1ec7 sinh th\u00e1i m\u00e3 \u0111\u1ed9c \u0111\u1ea7y ph\u1ee9c t\u1ea1p. N\u00f3 li\u00ean t\u1ee5c sinh s\u00f4i c\u00e1c bi\u1ebfn th\u1ec3 m\u1edbi v\u1edbi kh\u1ea3 n\u0103ng c\u1ea5y gh\u00e9p linh ho\u1ea1t, k\u1ef9 thu\u1eadt che gi\u1ea5u tinh vi v\u00e0 chi\u1ebfn thu\u1eadt n\u00e9 tr\u00e1nh ng\u00e0y c\u00e0ng kh\u00f3 \u0111\u1ed1i ph\u00f3. T\u1eeb m\u1ed9t d\u1ef1 \u00e1n tr\u00ean GitHub, AsyncRAT \u0111\u00e3 tr\u1edf th\u00e0nh n\u1ec1n t\u1ea3ng ph\u1ed5 bi\u1ebfn trong gi\u1edbi t\u1ed9i ph\u1ea1m m\u1ea1ng, mang theo c\u1ea3 s\u1ef1 s\u00e1ng t\u1ea1o l\u1eabn nguy hi\u1ec3m trong t\u1eebng d\u00f2ng m\u00e3.<\/b><\/p>\n

\n
\"AsyncRAT.png\"<\/div>\n<\/div>\n

T\u1eeb m\u00e3 ngu\u1ed3n m\u1edf \u0111\u1ebfn c\u00f4ng c\u1ee5 t\u1ea5n c\u00f4ng to\u00e0n n\u0103ng\u200b<\/h3>\n

AsyncRAT ra m\u1eaft tr\u00ean GitHub t\u1eeb n\u0103m 2019, vi\u1ebft b\u1eb1ng C# v\u00e0 h\u1ed7 tr\u1ee3 c\u00e1c ch\u1ee9c n\u0103ng nh\u01b0 keylogger, ch\u1ee5p m\u00e0n h\u00ecnh, \u0111\u00e1nh c\u1eafp th\u00f4ng tin x\u00e1c th\u1ef1c. D\u00f9 c\u00f3 nhi\u1ec1u \u0111i\u1ec3m t\u01b0\u01a1ng \u0111\u1ed3ng v\u1edbi Quasar RAT v\u1ec1 m\u1eb7t kh\u00e1i ni\u1ec7m, AsyncRAT \u0111\u01b0\u1ee3c vi\u1ebft l\u1ea1i ho\u00e0n to\u00e0n t\u1eeb \u0111\u1ea7u. M\u1ed9t \u0111i\u1ec3m \u0111\u00e1ng ch\u00fa \u00fd l\u00e0 \u0111o\u1ea1n m\u00e3 m\u00e3 h\u00f3a AES-256 v\u00e0 SHA-256 trong AsyncRAT \u0111\u01b0\u1ee3c sao ch\u00e9p t\u1eeb Quasar, cho th\u1ea5y c\u00e1c d\u1ef1 \u00e1n m\u00e3 \u0111\u1ed9c th\u01b0\u1eddng chia s\u1ebb v\u00e0 t\u00e1i s\u1eed d\u1ee5ng logic m\u00e3 h\u00f3a l\u1eabn nhau.<\/p>\n

Thi\u1ebft k\u1ebf m\u00f4-\u0111un v\u00e0 kh\u1ea3 n\u0103ng m\u1edf r\u1ed9ng cao gi\u00fap AsyncRAT nhanh ch\u00f3ng \u0111\u01b0\u1ee3c t\u1ed9i ph\u1ea1m m\u1ea1ng khai th\u00e1c, t\u1ea1o \u0111\u00e0 cho h\u00e0ng lo\u1ea1t fork m\u1edbi ra \u0111\u1eddi.<\/p>\n

Nh\u1eefng bi\u1ebfn th\u1ec3 \u0111\u00e1ng g\u1eddm: DcRat v\u00e0 VenomRAT\u200b<\/h3>\n

Trong s\u1ed1 nhi\u1ec1u d\u1eabn xu\u1ea5t t\u1eeb AsyncRAT, hai bi\u1ebfn th\u1ec3 n\u1ed5i b\u1eadt l\u00e0 DcRat v\u00e0 VenomRAT.<\/p>\n

DcRat s\u1eed d\u1ee5ng th\u01b0 vi\u1ec7n MessagePack \u0111\u1ec3 c\u1ea3i thi\u1ec7n hi\u1ec7u n\u0103ng x\u1eed l\u00fd d\u1eef li\u1ec7u, \u0111\u1ed3ng th\u1eddi t\u00edch h\u1ee3p c\u00e1c k\u1ef9 thu\u1eadt n\u00e9 tr\u00e1nh ph\u00f2ng v\u1ec7 m\u1ea1nh m\u1ebd:<\/p>\n