Beware of Malicious RATs

TECHNOLOGY

A RAT is malware that allows a remote “operator” to control your computer from any location.

The acronym RAT brings shivers to even the most experienced anti-virus programmer. A remote access tool (also referred to as remote administration tool), or RAT for short, is a seemingly innocent type of software used to access and control a computer system remotely. As the description depicts, a RAT is not much di?erent from products such as Windows Remote Desktop, TeamViewer or VNC in that it allows an external third party access to your computer to assist with team collaboration, troubleshooting, and/or repairs. Unlike these useful and legitimate tools, however, the software typically described by the acronym RAT is used for nefarious activity and is associated with those who wish to gain access to and control your computer for personal gain or malicious purposes and, as such, do not seek “permission to come aboard.”

The use of RATs to gain access to people’s private data and personal lives has gone “mainstream.” Notable occurrences are popping up more frequently in the news, such as when Cassidy Wolf, Miss Teen USA 2013, and several other victims were spied upon by a 19-year-old computer science student who took over their computer cameras and purportedly attempted to blackmail the teen with unflattering photos and videos.

A RAT Is Powerful

RAT software is incredibly powerful and can leave your computer, and therefore your data and personal life, vulnerable. Once installed, the third party can, without your knowledge:

• turn your computer on and o? remotely at will
• install other software
• turn your computer camera on or o? and capture images and sound
• immobilize anti-virus software
• make changes to your computer registry
• use your computer to attack other computers
• access credit card or other confidential data
• steal passwords and account information
• override the keyboard and the mouse
• reformat your hard drive
• access storage drives attached to your computer

A RAT can do anything you can do.

A RAT Can Imitate You

In essence, anything you can do while sitting in front of your computer screen, a hacker with RAT software installed on your computer can also do from any remote location, whether it’s down the street from your home or office, or across the globe. Maintaining up-to-date software, operating systems, and anti-virus programs has been the mantra of computer security experts since the first Trojan horses started appearing in a 1986 freeware program called PC-Write. Much like other viruses and Trojan horses, this type of malware can be introduced onto your system when you open attachments in your email, download and install software via P2P (peer to peer) file sharing software, or download files from the Internet. To help keep your system clean and secure and eliminate the risk of inadvertently installing a RAT onto your system, remember to follow these general computer safety guidelines:

• Purchase or download software from reputable software companies.
• Deal with known and well-established computer technicians and support companies in your community.
• Avoid the temptation to click on free software pop-ups or add-ons. Even if it appears harmless, you can never be sure how random freeware might impact other software on your computer.
• Carefully review any email that comes in with an attachment. Ask yourself whether you know the person from whom the email came. Even if you do, it might not be wise to follow a link or download an attachment just for the sake of seeing some cute kitten run across your screen.
• Download and install apps to your smartphone from the app store that has been vetted by your carrier. Avoid any third-party apps that provide links to download software, sounds or images to your phone.
• Always run an anti-virus scan on CDs, DVDs or any external data storage device before copying ?les or installing software.
• Keep your anti-virus software up to date, and always download and install any updates prior to going online or using external storage devices.
• Do not click on or open pop-ups that indicate they have found weaknesses in your system. Hackers have been known to use this scare tactic as a means of planting viruses within your computer.
• Don’t download software or upload personal information unless you have a secure connection (HTTPS)
• Run anti-virus scans on data being transferred from one computer to another, even within your own office. It only takes one infected machine to compromise all your data.

Anti-Virus Software Is Reactive,
Not Proactive

It is always important to remember that most anti-virus software is reactive – malware or viruses cannot be detected by your anti-virus software unless there is something to find, which means that by the time it is detected, it might already be too late. To make matters worse, hackers are determined and inventive and are always looking for ways to “beat the system.” Recently, hackers have been trying to find and exploit vulnerabilities in frequently used software such as Oracle Java and Adobe Reader. This tactic is devious because these applications are not typically built to protect against such invasions and are not designed with the “beefed up” security of Microsoft Windows and other operating systems.

Be Vigilant

While this new pattern of attack may leave the unsuspecting user at greater risk, a vigilant computer security regimen will help to protect against these hackers and can keep even the RATs at bay.