ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool RMS

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: RMS

NamesRMS
Remote Manipulator System
CategoryTools
TypeBackdoor, Info stealer
DescriptionCyberInt states that Remote Manipulator System (RMS) is a legitimate tool developed by Russian organization TektonIT and has been observed in campaigns conducted by TA505 as well as numerous smaller campaigns likely attributable to other, disparate, threat actors. In addition to the availability of commercial licenses, the tool is free for non-commercial use and supports the remote administration of both Microsoft Windows and Android devices.
Information<https://rmansys.ru/remote-access/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.rms>

Last change to this tool card: 23 April 2020

Download this tool card in JSON format

All groups using tool RMS

ChangedNameCountryObserved

APT groups

 Gamaredon GroupRussia2013-Jan 2021 
 LazyScripter[Unknown]2018 
 TA505, Graceful Spider, Gold EvergreenRussia2006-Oct 2020X

3 groups listed (3 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key