top of page
perceptive_background_267k.jpg

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

Published:

9 december 2025 om 15:43:05

Alert date:

9 december 2025 om 16:01:03

Source:

bleepingcomputer.com

Click to open the original link from this advisory

North Korean hackers are deploying EtherRAT malware through React2Shell vulnerability exploitation. The malware implements five separate Linux persistence mechanisms and uses Ethereum smart contracts for command and control communication. This represents a sophisticated attack methodology combining blockchain technology with traditional malware persistence techniques. The campaign demonstrates advanced capabilities in maintaining long-term access to compromised systems while leveraging decentralized communication channels.

Technical details

Mitigation steps:

Affected products:

Linux systems

Related links:

https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-react2shell-flaw-in-etherrat-malware-attacks/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page