RATs: Invasion of Your Privacy

RATs: Invasion of Your Privacy
Digital Shadows Analyst Team
Read More From Digital Shadows Analyst Team
January 11, 2016 | 2 Min Read

When most people hear the word “RAT” they envision a large rodent that dines in dumpsters while seeking solace in sewers. For security professionals, the word , or term, RAT has an altogether different connotation. RAT, or “Remote Access Trojan”, is a form of malicious code that provides local system or network access to a remote attacker. RATs are favored highly by cyber criminals and nation states alike due to their efficacy and, in many cases, ease of deployment and management. Some key functions of RATs include:

  • Monitoring user behavior through key loggers
  • Monitoring user behavior through spyware suites
  • Providing unauthorized access to confidential, sensitive or in some cases, classified information
  • Providing access to a system’s camera for the purpose of taking snapshots or videos
  • Enabling a system’s microphone in order to hear conversations in a room or other environment
  • Taking screenshots
  • Distributing copies of themselves or other malicious code
  • Manipulating files on a drive (e.g. delete, download etc.)
  • Formatting a drive

Figure 1 below depicts a RAT, DarkComet, which is for sale on an underground marketplace. In this case, the seller is offering access to version 4.0-5.3.1 Full Versions with “Extras.” DarkComet offers a variety of features including:

  • Spy functions
  • Network functions
  • Computer Power
  • Server Actions
  • Update Server

Though developed in 2008, DarkComet began widespread proliferation in 2012, and remains popular in cyber criminal circles to this day.

RAT

In many instances a user can keep systems and environments protected from RATs by following basic information security principles. These basics include the education of personnel, patching of systems and network elements, the presence and deployment of advanced end point protection platforms, network elements such as next generation firewalls (NGFW), intrusion prevention systems (IPS), secure web and mail gateways. Furthermore, organizations must have solid risk-based threat mitigation programs, which account for people, process, and technology.

RATs can impact everything from mobile devices to laptops, desktops, and servers. Left unchecked, RATs can easily have an adverse effect on an organization’s digital footprint and shadow.

Related Posts

3 Phishing Trends Organizations Should Watch Out For

3 Phishing Trends Organizations Should Watch Out For

May 20, 2020 | 16 Min Read

It’s only May, and is it just me, or has this...
The 2020 Verizon Data Breach Investigations Report: One CISO’s View

The 2020 Verizon Data Breach Investigations Report: One CISO’s View

May 19, 2020 | 6 Min Read

Sadly, Marvel’s Black Widow release date was...
A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

May 14, 2020 | 10 Min Read

Q1 2020 was packed full of significant...
BitBazaar Market: Deception and Manipulation on the Dark Web

BitBazaar Market: Deception and Manipulation on the Dark Web

May 12, 2020 | 8 Min Read

It's a BitBazaar that they thought they...