CyberGate

Also known as: Rebhip

According to Subex Secure, CyberGate is a Remote Access Trojan (RAT) that allows an attacker to gain unauthorized access to

the victim’s system. Attackers can remotely connect to the compromised system from anywhere

around the world. The Malware author generally uses this program to steal private information

like passwords, files, etc. It might also be used to install malicious software on the compromised

systems.

C2 Infrastructure

Hosting/VPS 67%

ISP/Residential 33%

Last 7 days

Jun 4, 2026

C2 Hosts: 3

Daily C2 host counts for the last 7 days
Date	C2 Hosts
Jun 4, 2026	3

Further Reading

RL Blog | ReversingLabs

RL Blog: AppSec & Supply Chain Security, Dev & DevSecOps, Threat Research, and Security Operations (SecOps)

blog.reversinglabs.com

Packrat: Seven Years of a South American Threat Actor

Report uncovering a South American group targeting politicians, journalists, and civil society with malware campaigns, phishing, and elaborate fake organizations.

Ten process injection techniques: A technical survey of common and trending process injection techniques

Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another proc...

Ten process injection techniques: A technical survey of common and trending process injection techniques

Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another proc...

Analysis of top non-HTTP/S threats | Zscaler Blog

In this article, Zscaler security research team dissect the custom protocols used in some of the most prevalent RATs seen in recent campaigns. Read more.

CyberGate, RedLine Part of AutoIt Malware Campaign| Zscaler

The CyberGate RAT and RedLine stealer are being delivered in ongoing campaign using the AutoIt malware. Read more.