Remote Access Trojan

Remote Access Trojan

Updated Jan 08, 2020 at 04:12PM EST by Don.

Added Mar 25, 2013 at 08:25PM EDT by Don.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

About

Remote Access Trojans (RATs) are programs that allow remote control of computers they have been installed on. The applications are often used by hackers as the payload of a Trojan horse, giving the user access to the victim's machine without their knowledge or consent.

History

Back Orifice

The RAT program “Back Orifice” was created by the hacker group Cult of the Dead Cow (CDC) and allows users to control Internet-connected machines running Microsoft Windows from a remote location. The application name was intended to be a parody of Microsoft BackOffice server products. The tool was released by the CDC on August 1st, 1998, at the DEF CON hacker convention in Las Vegas, Nevada. According to the group, the program was created to illustrate the lack of security in Microsoft’s Windows 98 operating system. Back Orifice was often delivered to machines as a Trojan horse program, a type of malware unintentionally installed by users. On July 10th, 1999, an updated version of the tool named “Back Orifice 2000” (BO2k) was released by the CDC at DEF CON 7. The new version had several additional features, including a plugin architecture and the ability to be installed on several different versions of Windows.

Bandook

Bandook is a Trojan horse RAT that can be used to control a remote machine running Windows NT family systems in a variety of ways, allowing the hacker to access the computer's file system, take screen captures and log keystrokes. The application was developed by the Nuclear Winter Crew[7] hacker group in 2005, who specialize in creating spy, surveillance and computer security programs.

CyberGate

CyberGate[8] is a RAT that works on most Windows operating systems which allows the user to control multiple machines simultaneously.

DarkComet

The DarkComet RAT[10] comes equipped with a "Fun Manager," which allows the attacker to prank a victim by performing a variety of actions, including hiding parts of the screen, disabling the start button, disabling the task manager and opening the CD tray.

Online Presence

Several hacker forums have sections dedicated to discussing the use of RATs, including Hack Forums,[1] Hack Community[2] and VIP Hack Forums.[3] Beginner's guides to using RATs have been posted on the websites Hacker 101[4] and Anarchy Forums.[5] On March 10th, 2013, the technology news blog Ars Technica[9] published an article about the malicious use of RATs, which specifically investigated men who used the applications to spy on women. The article noted that women victims were often referred to as "slaves" and showed screen captures of women that had been shared on Internet forums.

Videos

Several YouTubers have uploaded recordings of RATs being used on unknowing victims, many of which send messages to the user or direct their browser to shock sites. Many video clips of RATs in action have been since removed from YouTube on the grounds of violating the site's content guidelines.

Search Interest

External References

[1] Hack Forms – Remote Administration Tools

[2] Hack Community – Remote Administration Tools

[3] VIP Hack Forums – Remote Administration Tools

[4] 101 Hacker – Introduction to RATs

[5] Anarchy Forums – Remote Administration Tool&

[6] Wikipedia – Bandook

[7] Nuclear Winter Crew – About

[8] Cyber Software – Cyber Gate

[9] Ars Technica – Meet the men who spy on women through their webcams

[10] Dark Comet RAT – Dark Comet RAT

Recent Videos 1 total

Recent Images 1 total


Top Comments


+ Add a Comment

Comments (6)


Display Comments

Add a Comment


Hello! You must login or signup first!