QuimaRAT Malware Emerges as Cross-Platform Threat via MaaS Model

QuimaRAT Malware Emerges as Cross-Platform Threat via MaaS Model

First seen 7 Jul 2026, 18:24 UTC Feeds.4SysopsScworld 83% similarity 61.5

Article Content

Browse articles
ThreatCluster

QuimaRAT, a new Java-based remote access trojan (RAT), has been identified as a significant threat targeting Windows, macOS, and Linux systems. Offered as malware-as-a-service (MaaS), it has subscription costs ranging from $150 per month to $1,200 for lifetime access. The malware features a modular architecture, allowing dynamic expansion through encrypted plugins. It employs various persistence methods across different operating systems, including Registry Run keys for Windows and LaunchAgent plist files for macOS. QuimaRAT can execute commands remotely, steal credentials, transfer files, and conduct webcam surveillance, providing extensive control to attackers. Its builder supports multiple output formats, enhancing its adaptability for different environments. The malware's stealth capabilities are particularly notable on Windows and Linux, while macOS users may require admin permissions for certain features. The threat landscape is evolving with this malware's capabilities, posing risks to a wide range of users.

Key Points: • QuimaRAT is a cross-platform RAT targeting Windows, macOS, and Linux systems. • The malware is sold as a MaaS with subscription prices from $150 to $1,200. • It features a modular architecture and various persistence methods for stealth and control.

ThreatCluster AI

Timeline

2026-07-06
QuimaRAT identified as new malware
LevelBlue reported the discovery of QuimaRAT, a Java-based RAT targeting multiple OS platforms.
Feeds.4Sysops
2026-07-07
QuimaRAT offered via MaaS model
The malware is available for subscription on the dark web, with costs ranging from $150 to $1,200.
Scworld

Community

Browse all →