RATs!

clytech Networking, Security

Being in control is no doubt a desire that is largely illusive in this age of information. Sure you can be in control, but only of…? Think about it; computers are everywhere. Networking is embedded in almost each and every device. Question is, are you really aware of what happens in the background when you take that selfie? I am not trying to spook you.
In this article, we elucidate a group of tools that can take your device hostage, control it and even shut it down – all this without your permission or knowledge – RATs.

Remote Administration Tools are computer programs that when installed on a computer, allow a person to remotely access a computer with the system administrator privileges as though they logged on to an administrator account physically, at the system.
This may sound impractical but indeed it happens and more so without you knowing it, leading to compromise of data, execution of harmful programs and sometimes to the destruction of hardware components of the computer.
If by any chance a RAT is successfully installed on your computer, the hacker can wreck havoc and you’ll only notice when it’s too late.

What makes the complete removal of remote access from computers an illusion is the imminent need for it to be there. There are very useful tasks that are performed using remote access functionalities and by extension, tools. These include but are unlimited to; remote technical assistance, synchronizing of devices and apps, system monitoring and sharing of files.

How do you get them?
For a RAT to infect your computer, it must be installed in one way or the other. You can either be aware of the installation or it can happen without your know how. In this section, we shall look into both cases.
Manual Installation
In this scenario, a hacker can physically access your system and install the RAT without your knowledge. People who have access to your system and have enough privileges to install apps in the system can also install these RATs. It is not always a hacker. In both instances however, you have to be unaware of the presence of the RAT.
Infiltration
Physical access to the system that needs to be hacked is not always an option. When such a hurdle arises, there is always the availability of other mechanisms to deliver the RAT. These can range from worms, viruses and back-doors to innocent advertisements on the internet through vulnerable browsers such as IE – this is public knowledge, so be careful.

What can RATs do?

To be frank, the better question would be; what can’t you do with your computer? If you can’t do it, most probably the RAT can’t – but that is not always the case. When a remote application is installed on your system, more often than not it gets administrator privileges. These privileges give the hacker the ability to do whatever they want with your computer. Their acts can be innocent like blinking your screen twice but sometimes, most times the hacker does not want to do that. What benefit is there?
Once in the system, the RAT allows the user to do all manner of things including but not limited to; hardware controls, R/W files & folders, log activities, degrading computer performance, stealing of confidential information and comatose of hardware components through overheating them and so forth. This may seem complex but once the RAT is in the system, nothing is too hard – nothing.
You can consider a RAT that logs each time you log in to a website, captures that data including passwords in plain text and transmits it to a remote server; all this without your knowledge. Some are complex, knows to mascaraed as legitimate software that escapes not only your expertise but that of well know professional antivirus firms. Before they are captures, it becomes a loss to quite a number of people.

How to take care

“The best defense is more often than not; the simplest choice. Take a tank to a gun fight and you have a higher chance of wining. “
McAfee Antivirus recommends some really simple steps and I second them. It really is not that complex.

Examples of RATs

There are a bunch of RATs out there but for our case, I shall only briefly describe two.
Back Orifice
Started as early as 1995, this RAT has evolved to all too know software in recent times including key-loggers and hijackers. It was programmed by a group of programmers and of course, it has a significant number of its feats under its belt. This piece of software is not to be dismissed. Among other functions, it can shutdown its host system, spawn apps, log key presses, disconnect servers and clients, create registry keys and intercept TCP connections. In other words, should your computer be infected, you are done for.
PC Invader
This RAT is also a veteran in the dark market and its compromises are not that simple when installed on your system. Its most prominent feature is popups on your PC. Popups that can be quire naughty and embarrassing as well as advertisements. As though that was not enough, the app causes the sending of hacker-defined emails from your mailbox using your email address, creates shortcuts on your desktops and really slows down your computer. All this is done while the person behind the scheme has a hidden agenda. As you try getting rid of the RAT, information could be stolen, deleted or worse.

With that knowledge, you are in the know. Be careful, note what you install on your computer.

Leave a Reply

Your email address will not be published. Required fields are marked *