Intel471-Logo-white.png

QuimaRAT

Jul 15, 2026

Threat Overview - QuimaRAT

QuimaRAT is a newly identified Java-based Remote Access Trojan (RAT) that is being marketed under a Malware-as-a-Service (MaaS) model, and providing threat actors with a cross-platform remote access framework capable of targeting Windows, Linux, and macOS systems. As opposed to many traditional RATs that focus on a single operating system, QuimaRAT was designed from the outset to support multiple platforms through a modular architecture that allows operators to dynamically expand functionality using encrypted plugins delivered from its command and control infrastructure. Researchers observed that the malware suite includes not only the RAT itself, but also a dedicated builder, loader, and dropper capable of generating numerous payload formats to support a wide variety of delivery methods. It is worthy to note that QuimaRAT lowers the barrier to entry for cybercriminals by offering subscription-based access, allowing less sophisticated operators to leverage advanced remote access capabilities without developing their own malware.

Related Articles