Skip to content

Information Security News

  • Home
  • Cyber Security
  • Cybercriminals
  • Data Leak
  • Google
    • Android
  • Information Security
  • Linux
  • Malware
  • Microsoft
    • Windows
  • Open Source Tool
  • Vulnerability
  • Technology

Information Security News

  • Home
  • Cyber Security
  • Cybercriminals
  • Data Leak
  • Google
    • Android
  • Information Security
  • Linux
  • Malware
  • Microsoft
    • Windows
  • Open Source Tool
  • Vulnerability
  • Technology
  • Malware

Cybersecurity Alerted: Persian Remote World Uncovers Malicious Tools

by Nam Phong · November 24, 2023

In the shadowy realm of cybersecurity, new threats emerge with alarming frequency, preying on unsuspecting users and jeopardizing their digital assets. Cyble Research and Intelligence Labs (CRIL) recently unearthed a disturbing discovery – a website named Persian Remote World, a haven for malicious tools that empower cybercriminals to wreak havoc.

Persian Remote World operates as a virtual marketplace, offering a diverse arsenal of malicious tools, including Remote Access Trojans (RATs), loaders, and crypters. These tools are designed to infiltrate and control victim systems, enabling cybercriminals to execute commands, steal sensitive data, and manipulate system settings with impunity.

Persian RAT Post on Website | Image: Cyble Research and Intelligence Labs

At the heart of Persian Remote World’s offerings lies Persian RAT, a sophisticated remote access tool capable of inflicting significant damage. Upon execution, Persian RAT establishes a persistent presence on the victim system, granting the attacker remote control.

Persian RAT’s nefarious capabilities include keylogging, enabling the attacker to capture every keystroke made on the victim’s system, compromising passwords, financial information, and other sensitive data. Additionally, the RAT can steal cookies from popular browsers, further expanding the attacker’s access to private information.

Persian RAT’s reach extends beyond traditional data theft, targeting popular games and applications installed on the victim’s system. The RAT can scan and exfiltrate crucial files from various games, including Spotify, iTunes, Epic Games, Riot Games, and Steam.

Persian RAT’s embedded commands provide the attacker with a range of malicious functionalities. The RAT can disable User Account Control (UAC), a critical security feature that protects against unauthorized system modifications. Moreover, the RAT can initiate ransomware attacks, encrypting the victim’s files and demanding ransom payments.

Complementing Persian RAT is Persian Loader, a tool designed to execute secondary payloads on compromised systems. This allows the attacker to deploy additional malicious software, expanding their control and amplifying the potential damage.

Persian Remote World provides a builder and management tool, Persian X Loader 5.0, enabling the attacker to customize and manage Persian Loaders. The tool allows for the creation of custom listener servers, facilitating communication between the attacker and infected systems.

The malicious tools offered by Persian Remote World pose a substantial threat to individuals and organizations alike. The ability to remotely execute commands, exfiltrate sensitive data, and manipulate system settings makes these tools a powerful weapon in the hands of cybercriminals.

To mitigate the risk posed by Persian Remote World and similar threats, individuals and organizations should adopt robust cybersecurity measures. These measures include:

  • Implementing strong password policies and multi-factor authentication (MFA)
  • Regularly updating software and operating systems
  • Employing reputable antivirus and anti-malware solutions
  • Educating employees about cybersecurity threats and best practices

By adopting these measures, individuals and organizations can significantly reduce their vulnerability to malicious tools like those offered by Persian Remote World.

Related coverage

  • The Gentlemen Ransomware Zero-Day: Dismantling EDR Systems from the Kernel
  • PolinRider Supply Chain Attack Spans npm, Go, Chrome
  • Mustang Panda Exploits Zoho WorkDrive in Cyber Espionage
  • FortiBleed Malware Campaign Linked to INC Ransom
  • DHS Investigates Critical HSIN Platform Cyberattack

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Tags: Persian LoadersPersian Remote WorldPersian X LoaderPersian X Loader 5.0User Account Control

Follow:

  • Next story WailingCrab Malware Evolves to Evade Detection via MQTT
  • Previous story Beware of the Imposter: Phobos Ransomware Poses as VX-Underground

  • Recent Posts
  • Popular Posts
  • Tags
  • FatFs vulnerabilities in embedded devices triggered by crafted SD card or USB drive

    Vulnerability

    7 FatFs Bugs Threaten Embedded Devices via Removable Media

    July 6, 2026

  • Linux USB4STREAM driver protocol EFS file system removal queued for Linux 7.3 kernel after 20 years of no real-world users

    Linux

    EFS File System Removed from Linux Kernel in 7.3

    July 6, 2026

  • Conceptual illustration of The Gentlemen ransomware zero-day BYOVD attack disabling EDR software via a vulnerable Windows driver

    Malware

    The Gentlemen Ransomware Zero-Day: Dismantling EDR Systems from the Kernel

    July 6, 2026

  • Conceptual illustration of hackers finding the Aptos Move VM vulnerability using a budget server setup

    Vulnerability

    Aptos Move VM Vulnerability Exposes $70B Risk via $3K Server

    July 6, 2026

  • PolinRider North Korea supply chain attack targeting npm, Go modules, and Chrome extensions

    Malware

    PolinRider Supply Chain Attack Spans npm, Go, Chrome

    July 6, 2026

  • Iranian cyberattacks on Israel cyber war graphic

    Cyber Security

    Iranian Cyberattacks on Israel Triple in 2026

    July 2, 2026

  • SolydXK 10.4 released: based on Debian Buster

    Linux

    SolydXK 10.4 released: based on Debian Buster

    September 27, 2019

  • OpenSUSE Leap 15.4 Beta releases, Linux distributions

    Linux

    OpenSUSE Leap 15.4 Beta releases, Linux distributions

    May 30, 2020

  • Ubuntu 16.04.6 LTS released: fix security vulnerabilities

    Linux

    Ubuntu 16.04.6 LTS released: fix security vulnerabilities

    March 1, 2019

  • GhostBSD 23.10.1 released, FreeBSD distribution

    Linux

    GhostBSD 23.10.1 released, FreeBSD distribution

    May 1, 2020

  • AI AI security Android Apple APT BOTNET China CISA cloud security cryptocurrency cyberattack cybercrime Cyber Espionage cybersecurity Cybersecurity 2026 data breach Github google hacking Infosec InfoSec 2026 Infostealer Linux Linux Kernel malware Microsoft network security open source Penetration Testing phishing privacy privilege escalation Prompt Injection ransomware RCE remote code execution security Social Engineering supply chain attack Tech News 2026 threat intelligence vulnerability windows Windows 11 zero-day
  • Home
  • About Us
  • Contact Us
  • DMCA NOTICE
  • Privacy Policy

Information Security News © 2026. All Rights Reserved.

Powered by  - Designed with Hueman Pro