THREATOPS
THREAT OPSThreat News › Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware

Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware

lowdfirreportPublished 2026-05-11

<p>The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows variant campaign was reported by Atos, with their investigation showing evidence of activity going back to the previous December. In April, we [&#8230;]</p> <p>The post <a href="

Indicators of compromise

Original source: https://thedfirreport.com/2026/05/11/flash-alert-etherrat-and-tuktuk-c2-end-in-the-gentleman-ransomware/