ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool DarkComet

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: DarkComet

NamesDarkComet
DarkKomet
Fynloski
FYNLOS
klovbot
Krademok
CategoryTools
TypeBackdoor, Keylogger, Credential stealer, Info stealer
Description(Wikipedia) DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur (known as DarkCoderSc), an independent programmer and computer security coder from France. Although the RAT was developed back in 2008, it began to proliferate at the start of 2012. The program was discontinued, partially due to its use in the Syrian civil war to monitor activists but also due to its author's fear of being arrested for unnamed reasons. As of August 2018, the program's development 'has ceased indefinitely', and downloads are no longer offered on its official website.

DarkComet allows a user to control the system with a graphical user interface. It has many features which allows a user to use it as administrative remote help tool; however, DarkComet has many features which can be used maliciously. DarkComet is commonly used to spy on the victims by taking screen captures, key-logging, or password stealing.
Information<https://en.wikipedia.org/wiki/DarkComet>
<https://darkcomet.net>
<https://blog.malwarebytes.com/detections/backdoor-darkcomet/>
<https://blog.malwarebytes.com/threat-analysis/2012/06/you-dirty-rat-part-1-darkcomet/>
<https://blog.malwarebytes.com/threat-analysis/2012/10/dark-comet-2-electric-boogaloo/>
MITRE ATT&CK<https://attack.mitre.org/software/S0334/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.darkcomet>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:DarkComet>

Last change to this tool card: 13 May 2020

Download this tool card in JSON format

All groups using tool DarkComet

ChangedNameCountryObserved

APT groups

 APT 33, Elfin, MagnalliumIran2013-Nov 2019 
 Lazarus Group, Hidden Cobra, Labyrinth ChollimaNorth Korea2007-Aug 2020 HOTX
 Transparent Tribe, APT 36Pakistan2013-Apr 2020 

3 groups listed (3 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key