SentinelOne vs ElectroRAT (macOS Remote Access Trojan) – Detect Mode

ElectroRAT is a multi-platform remote access trojan that emerged in late 2020. The macOS variant is considered the first significant, and new, piece of malware in the new year. The RAT is written in Golang and has been distributed across various forums and social networks. The trojan targets specific interest areas, for example, financial services and securities trading forums. ElectroRAT has the ability to monitor keystrokes, steal browser credentials, as well as providing multiple remote control options to the attacker (ex: VNC). Many of the features built into ElectroRAT are existing open-source tools. These include ‘Swift-Keylogger’ & ‘OSXvnc’. ElectroRAT retrieves commands via remote Pastebin entries.
The SentinelOne Singularity Platform is capable of detecting and preventing malicious behaviors associated with ElectroRAT.