Blackpoint flags LabubaRAT: Rust MaaS RAT poses as NVIDIA
Blackpoint Cyber's Sam Decker and Nevan Beal document LabubaRAT — a Rust MaaS trojan on Windows that ships as nvidia-sysruntime.exe with runtime config.
Confirmed: Blackpoint Cyber researchers Sam Decker and Nevan Beal
documented LabubaRAT
on July 14, 2026 — a previously undocumented Rust-based remote access
trojan for Windows that ships as nvidia-sysruntime.exe, imitating the
NVIDIA container runtime toolkit. Confidence on the discovery, the language,
and the masquerade filename: high, per Blackpoint’s writeup as reported by
The Hacker News. Confidence on scope of victims and campaign attribution:
unconfirmed — treat accordingly.
What Blackpoint reports
A single compiled binary. Not a bespoke build per target — configuration is supplied at runtime, either as discrete command-line arguments or as a single Base64-encoded blob. Blackpoint’s own framing, quoted in the report: “the same compiled binary could be reused with different infrastructure, organizations, or campaign groupings.” That’s the MaaS shape, and Blackpoint says it. Confidence: as-reported.
On-host capabilities, per Blackpoint:
- Command execution, PowerShell execution, and JavaScript execution.
- Screenshot capture.
- File upload, download, and archive handling.
- SOCKS5 proxy support.
- Host profile — hostname, RAM, CPU model, UAC state.
Before it settles in, LabubaRAT enumerates what’s already on the box. The inventory list Blackpoint published names browsers (Chrome, Firefox, Edge, Brave) and security products (Microsoft Defender, CrowdStrike, SentinelOne, Carbon Black, Sophos, Malwarebytes, Bitdefender, ESET, Kaspersky, McAfee, Symantec, Trend Micro). Confidence: as-reported. We are not publishing detection-evasion mechanics.
Configuration lands in a local SQLite database. C2 supports HTTPS,
WebView2, and DNS tunneling — three separate channels that let the same
binary talk out of environments with different egress postures. Blackpoint
names one C2 host so far: pipicka[.]xyz. Confidence on the host and
the three channel types: high, as-reported.
The MaaS branding
Blackpoint ties the tooling to a control panel called “LabubaPanel” and notes a matching Labubu-themed favicon on associated infrastructure. That’s enough shared branding to treat this as a rented offering rather than a bespoke tool, but Blackpoint has not — as of publication — named a seller, a pricing tier, or a customer list. Confidence: as-reported. Attribution to any specific threat actor: unconfirmed — treat accordingly.
Persistence
User-level autostart. No separate loader required — the RAT handles its own foothold. Blackpoint does not report the specific autostart mechanism in the summary we have. Confidence: as-reported.
What we can and cannot say about victims
Cannot say: who has been hit, in which countries, in which industries, under which campaign name. Blackpoint’s July 14 writeup is a malware analysis, not a victim disclosure. Unconfirmed — treat accordingly.
Can say: the artifact is designed to blend into environments that already
run NVIDIA tooling — machine-learning workstations, CUDA build hosts,
video-encoding pipelines, GPU-provisioned servers. A file named
nvidia-sysruntime.exe on any of those looks native. Confidence on the
masquerade choice’s plausibility as blending: high, by inspection of the
naming.
What to actually do
If you run Windows hosts with NVIDIA tooling installed:
- Grep endpoint and EDR telemetry for
nvidia-sysruntime.exe. The real NVIDIA container runtime does not use that filename. Any hit is worth pulling apart. Confidence: high — filename is the report’s headline IoC. - Grep proxy and DNS logs for
pipicka[.]xyzacross your retention window. One hit is one host to isolate. Confidence on the C2: as-reported — Blackpoint’s July 14 publication. - Alert on new user-level autostart entries on hosts that shouldn’t be getting them (developer workstations excepted). Standard hygiene; the report reinforces why.
None of the above assumes you are compromised. All three assume you would rather know than not.
Timeline
- July 14, 2026 — Blackpoint Cyber publishes the LabubaRAT analysis; The Hacker News summarizes the same day.
- Unconfirmed — first observed deployment date, size of any victim pool, whether operators have added a second C2 since publication.
We will update when Blackpoint or another vendor names a victim, a country, or a campaign.
Sources
- The Hacker News — “LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts” — July 14, 2026, summarizing the Blackpoint Cyber analysis by Sam Decker and Nevan Beal.
Found this useful? Share it.


