RTM (Read The Manual)

Targeted industries:

State sector
Industrial sector
Information technologies
The energy sector
The finance sector

HACKER GROUPS

Table of Contents

Alternative group names

Reports by Positive Technologies and other researchers

MITRE ATT&CK techniques, used by the group

Analytics articles

What are the security threats on your network?

Check your traffic-for free

Request pilot

General description

The RTM cybercrime group began its activity in 2015 and it attacks organizations from various sectors, to steal cash from accounts, confidential documents and accounts. The group uses malware that it develops itself. The group's malware does not have a static control server; it receives it through the blockchain.

Tools

RTM downloader
RTM backdoor
Pony stealer
Azorult stealer

Target sectors

The finance sector
The energy sector
The state sector
Information technologies
Industrial sector

Target countries

Russia
Belarus
Kazakhstan

Objectives

Cash theft
Confidential data
Account theft

Alternative group names

None

Reports by Positive Technologies and other researchers

MITRE ATT&CK techniques, used by the group

Download:

.csv

Get in touch

Fill in the form and our specialists
will contact you shortly

General
questions

We're happy to answer any questions you may have.

Partnership

Join us in making the world a safer place.

Request a pilot

Test drive our solutions with a customized pilot program.