RATs: Invasion of Your Privacy

Digital Shadows Analyst Team
January 11, 2016 | 2 Min Read

When most people hear the word “RAT” they envision a large rodent that dines in dumpsters while seeking solace in sewers. For security professionals, the term RAT has an altogether different connotation. A RAT, or “Remote Access Trojan”, is a form of malicious code that provides local system or network access to a remote attacker. RATs are highly favored by cyber criminals and nation states alike due to their efficacy and, in many cases, ease of deployment and management. Some key functions of RATs include:

  • Monitoring user behavior through key loggers
  • Monitoring user behavior through spyware suites
  • Providing unauthorized access to confidential, sensitive or, in some cases, classified information
  • Providing access to a system’s camera for the purpose of taking snapshots or videos
  • Enabling a system’s microphone in order to hear conversations in a room or other environment
  • Taking screenshots
  • Distributing copies of themselves or other malicious code
  • Manipulating files on a drive (e.g. delete, download, etc.)
  • Formatting a drive

Figure 1 below depicts a RAT, DarkComet, which is for sale on an underground marketplace. In this case, the seller is offering access to version 4.0-5.3.1 Full Versions with “Extras.” DarkComet offers a variety of features including:

  • Spy functions
  • Network functions
  • Computer Power
  • Server Actions
  • Update Server

Though developed in 2008, DarkComet began widespread proliferation in 2012, and remains popular in cyber criminal circles to this day.

[Figure 1: DarkComet RAT offered for sale on an underground marketplace]

In many instances a user can keep systems and environments protected from RATs by following basic information security principles. These basics include the education of personnel, the patching of systems and network elements, and the presence and deployment of advanced endpoint protection platforms and of network elements such as next-generation firewalls (NGFW), intrusion prevention systems (IPS), and secure web and mail gateways. Furthermore, organizations must have solid risk-based threat mitigation programs, which account for people, process, and technology.

RATs can impact everything from mobile devices to laptops, desktops, and servers. Left unchecked, RATs can easily have an adverse effect on an organization’s digital footprint and shadow.
