Under CTRL: Dissecting a Previously Undocumented Russian .Net Access Framework - Censys
Censys discovers CTRL, undocumented Russian .NET remote access toolkit.
Summary
Censys ARC researchers have identified a previously unknown remote access framework called CTRL with Russian origins. The malware is built on .NET and functions as a remote access toolkit. This discovery expands the known landscape of Russian-origin cyber attack tools.
Full text
US: +1-888-985-5547 Intl: +1-877-438-9159 connect@censys.com Why Censys Censys Platform Censys Search AI at Censys Threat Hunting Attack Surface Management Censys for Government Partners Request Demo Explore Careers Security Advisories Blog Contact Us Community Documentation Pricing Popular 2025 State of the Internet Report Cloud Security Assessment Tools Infrastructure Monitoring Vulnerability Management Tools Top Ransomware Attack Vectors Attack Surface Mapping Subscribe to our newsletter YoutubeLinkedinX500px Why Censys Censys Platform Censys Search AI at Censys Threat Hunting Attack Surface Management Censys for Government Partners Request Demo Explore Careers Security Advisories Blog Contact Us Community Documentation Pricing Popular 2025 State of the Internet Report Cloud Security Assessment Tools Infrastructure Monitoring Vulnerability Management Tools Top Ransomware Attack Vectors Attack Surface Mapping Subscribe to our newsletter YoutubeLinkedinX500px
Indicators of Compromise
- malware — CTRL