2013-03-20

RAT Remote Access Tool

From hundreds of miles away, a man sits at his monitor watching an unsuspecting woman use her computer, undress and go to sleep. She has no idea she’s being watched. The remote attacker has installed software to control her webcam. What’s worse, he’s recording all of her actions and posting those videos on YouTube or trading the videos with other voyeurs online.

R.A.T. Remote Access Tools This scenario is happening more and more; there are myriad photos and videos available online indicating the practice is getting easier and more popular with an online community called Ratters. They use Remote Access Tools (R.A.T.s) to activate the webcams of compromised computers and record video of unsuspecting users. They call the owners of these infected computers “slaves,” and compromising videos, especially of female slaves, are openly traded, and posted on YouTube.

Online Forums of Ratters Grow The practice of taking over a computer is not new. Hackers have produced software for years that gives complete control of a machine to a remote attacker. Aspects of these tools are also common in the IT field for offering remote tech support. But what’s new is the community of remote attackers who have formed in hacking forums to share or trade access to the enslaved computers and talk about their exploits.

In a detailed article on Ars Technica, journalist Nate Anderson probes into the members at hackforums.net, which he says has more than 134 pages of posts featuring captured images and video of female slaves. Some are recorded from webcams, and others are videos or images found on the hard drives of compromised computers that their owners thought were private and secure.

Scare Tactics Beyond invading a victim’s privacy, Ratters have tools in their software to scare or annoy remote victims. They can open and close their DVD drives, display graphic images on screen, have the computer read aloud using text-to-speech applications, or even hide the start button.

Hard to Police While this type of unauthorized computer intrusion is clearly against the law, the fight against Ratting is a challenge. There are many free or low-cost programs already available online, attackers are not usually local or in close proximity to victims, and while any one forum of Ratters could be shut down, others could easily pop up elsewhere.

How Victims Are Infected Victims are infected with remote access tools the same way many viruses spread: opening attachments, drive-by downloads from sketchy sites, downloading files from torrents or file-sharing sites, or being tricked into clicking links through social media sites.

How to Protect Yourself The good news is that these tools can be detected and held at bay. First, pay attention to the little light next to your webcam. If at anytime it’s lit and you aren’t using your webcam, find out why it’s engaged by running either an antivirus program or hitting ctrl-alt-del to see what processes are actively running. If you see anything suspicious, it’s time to disconnect from the Internet and disinfect.

[RELATED: Does Your PC Have a Virus – Or Is It Just Slow?]

Best practices to stay safe include using a firewall, keeping all software up to date, and using an anti-virus program. Also, staying away from torrent sites and sketchy websites will add a layer of protection, as many Ratters seed files on these sites disguised as free videos, music or software programs. If your paranoia is high and you really want to be sure your webcam isn’t spying on you, some have suggested taping a piece of paper over the camera, but this does nothing to protect your information or image/video files already on your computer.

No comments:

Post a Comment