HiatusRAT is a threat actor referenced in U.S. government reporting as conducting scanning for CVE-2017-7921 during a March 2024 campaign targeting web cameras and DVRs, including Hikvision devices. Based on the provided content, the actor’s observed activity involved targeting internet-connected surveillance and recording infrastructure and leveraging or seeking vulnerable devices affected by CVE-2017-7921. The only alias directly provided in the content is hiatusrat.
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.