My Dear Crush Dear Crush Letters Dear Crush Cute Love Letters

Remote Access Trojan (RAT) : Introduction

Remote Access Trojan (RAT) is a malware program that installs a backdoor for administrative access over victim PC. RATs are downloaded without user permission along with user requested program, such as: Music, Games and pirated software, or sent as an email attachment.

RAT controls a system via network connection or by physical access. RATs are usually associated with criminal activities, such as: stealing passwords, spying on user, cookie stealing and many more.

Here are some popular RATs.

  • Back Orifice
    Developer(s) : Sir Dystic (cDc)
    Release : August, 1998
    Operating System : Microsoft Windows, Unix-systems (client only)
  • NetBus
    Developer(s) : Carl-Fredrik Neikter
    Operating System : Microsoft Windows
  • Beast Trojan
    Developer(s) : Tataye
    Release : 2002
    Operating System : Microsoft Windows
  • DarkComet
    Developer(s) : Jean-Pierre Lesueur
    Operating System : Microsoft Windows

 

            RATs are very common and designed to provide the attacker complete control over the victim’s system. They can be used to steal sensitive information, to spy on victims, and remotely control infected computers. RAT infections are typically carried out via spear phishing and social engineering attacks. Most are hidden inside heavily packed binaries that are dropped in the later stages of the malware’s payload execution.

Although RATs are very challenging to detect for the following reasons:

  • They open legitimate network ports on the infected machines. Since this is a very common operation, it appears benign to most security products.
  • They mimic legitimate commercial remote administration tools.
  • They perform very surgical operations that do not resemble common malware techniques.

 

Recently, Gazer Backdoor exploited Ministries and Embassies Worldwide. AngelFire, CIA Malware infected System Boot Sector to hack Windows PC.