Quasar RAT - identify, block, and remove this Windows trojan now

Quasar RAT

What it is

Quasar RAT is a Windows remote-access trojan that lets attackers spy, steal data, and control a PC from afar. It shows up through fake emails or cracked software and blends in as a “normal” app. More detail in Gridinsoft’s explainer: https://gridinsoft.com/threats/quasar-rat

How it works - quick tour

  • Delivered via phishing attachments, fake installers, or loaders.

  • Runs in the background, often set to start with Windows.

  • Grabs passwords, screenshots, and files - can log keys and move data out.

  • Lets the attacker run commands, manage files, and pivot to other systems.

What you may notice

  • Sudden slowdowns, fan spin-ups, or network spikes when idle.

  • New or unknown startup items and scheduled tasks.

  • Security tools disabled or updates failing.

  • Odd prompts for admin rights.

If it hits - first moves

  • Disconnect from the internet and stop using the PC for logins.

  • Run a full scan with trusted anti-malware and remove detections.

  • From a clean device, change passwords and enable MFA.

  • Review recent logins, banking, and email forwarding rules.

Prevent it

  • Be strict with attachments and installers - verify the source.

  • Keep Windows and apps updated.

  • Use real-time protection and block-script macros by default.

  • Limit admin use and back up important files offline.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Remcos (Remcos RAT)

        What it is Remcos is a Windows remote access tool (RAT) sold by Breaking Security that’s widely abused by threat actors. Once on a system, it gives remote control: keylogging, screen capture, file exfiltration, command execution, and persistence. ...

      • Remote Access Trojan (RAT)

        What it is A Remote Access Trojan is malware that pretends to be legit software but secretly installs a back door. Once running, it gives an outsider admin-level control of the device: they can browse files, capture screens and keystrokes, turn on ...

      • Async RAT

        What it is Async RAT is a remote-access tool turned spy kit. Once installed, attackers can watch screens, log keystrokes, steal files and passwords, and control the device from afar. For behaviors and examples, see the Async RAT threat guide. What ...

      • Data Exfiltration

        What it is Data exfiltration is the unauthorized transfer of your data out of your device or network—quietly slipping customer records, passwords, designs, or finances to an attacker. It’s the punchline of many breaches: get in, get data out, cash ...

      • Data Breach

        What it is A data breach is when someone gets into a company’s systems without permission and steals sensitive info—customer names, emails, passwords, payment details, medical records, and more. For overview: see our data breach guide How it happens ...