An image uploaded to a hacking forum showing a woman booting up her computer seen through her webcam.

The senior security officer at antivirus software company Trend Micro has another name for RAT: Remote Access Trojan. “It’s software loaded on someone’s computer that allows it to be controlled or accessed from a third-party location,” says Adam Biviano in Sydney.

“They often come to a computer pretending to be something else,” he says. “Just like the mythological story, you open your doors and allow it inside your protected walls. All of a sudden you think you are getting a thing, but in reality you are getting what they call a ‘RAT.’ You are giving access to your computer to … who knows who.”

An image uploaded to a hacking forum showing a woman looking at her computer through her webcam.

A revenge-driven 14-year-old is probably one of the last people you’d want to have unlimited access to your computer. Especially if you are female, since one of the most commonly exploited features of RAT software is the ability to spy on a user’s webcam. Many modern laptops display a green light when the webcam is in use; however, RAT developers have long since figured out how to turn off this telltale sign on certain computers.

The cumulative effect is a blatant violation of privacy, often unbeknownst to the user. Think about the location of your computer’s webcam and what someone might see if they were constantly watching you: your antics in the bedroom, maybe, or your daily naked walk around the house. They might even see you taking your laptop to the bathroom with you.



Discussion threads in the Remote Administration Tools section of are bursting with webcam screenshots, celebrating both “hot female slaves” and “ugly slaves”.

Alex uses a pseudonym on HackForums that Fairfax Media has chosen to keep secret in order to conceal his identity. He has been a particularly active member of the community over the past 12 months, recording over 6,000 messages – about 17 per day – while also establishing himself as a useful source of information for new RATs.

“When I started it was hard to learn,” he says. “I was confused. I was helping others because I wanted them to feel what I felt when I first started RATtering – that feeling of excitement. I wanted to empower them.”

The teenager says he has never had a job, yet he has been making a respectable income from his RAT activities for over two years. His parents started asking questions when he connected his PayPal account to his bank account, and money up to $500 at a time was pouring in: Enjoy his Runescape flights. “I sat down with them and told them what was going on,” says Alex.

“They got it. They said, ‘If you get caught, you’re in trouble.’ My parents are laid back about this because they knew I was smart with computers when I was younger. I have become a lot smarter since then.” However, their son may not have been entirely honest on the precise source of his income: “They don’t really know what’s going on behind the scenes when I’m on the computer,” he admits.

Trend Micro’s Adam Biviano isn’t surprised by Alex’s exploits, nor by his age. “I’ve been in the anti-malware industry for about 15 years,” he says. “A lot of these attacks start with pretty young people. It’s that younger element that probably doesn’t understand the legal implications of what they’re doing. They think because it’s online it’s just a little harmless fun.

“We are also seeing that these skills are being used in a much more malevolent way these days, targeting businesses, individuals targeted by stealing their identity, even cross-border espionage using RAT,” he said, referring to a malware outbreak in the fractured state of Syria last year. “[Virtual goods theft] is one of the more benign uses of RATs, but it can certainly get more unpleasant from there.”

The Attorney General’s Department responded to questions with this statement: “The Commonwealth Criminal Code contains a series of offenses that apply to unauthorized access or modification of data, as well as offenses relating to possession, controlling or providing data with an intention to commit a computer crime.”

Federal penalties for these offenses range from two to ten years imprisonment; states and territories also have laws prohibiting the installation and use of surveillance devices, including eavesdropping, optical, tracking and data monitoring devices, which may also apply to those who use RAT for malicious purposes.

The Department of Broadband, Communications and the Digital Economy said it did not have a position on the use of RATs among individuals.

Remote access technology isn’t new – Windows has had this feature built in for many years – but the form spread as malware is a constant headache for security companies like Trend Micro, especially as some of these products are marketed under the name “FUD”: completely undetectable, either by the software or by the user.

“It’s the unfortunate part of the business we’re in,” says Biviano. “For a malware author, we are part of their quality assurance process. Malware will be sold for much more than a competitor’s product if it is undetectable by current anti-malware products. This is the sad fact of life right now.”

Trend Micro labs treat RAT infections on a daily basis, not only on personal computers, but increasingly on mobile devices. “This year alone, we predict that we will see nearly a million forms of malware just on [the] Android [mobile operating system]. Many of them will have RAT built in. It’s very rare these days that we see malware that doesn’t have some sort of remote access capability.”

RATs have a long history of legitimate and non-malicious use: IT departments around the world benefit daily from the ability to view co-workers’ screens during troubleshooting, as do workers who want to access files on their home computers from the office.

Chris Gatford, director of Sydney security consulting firm HackLabs, uses this type of software to perform penetration tests for customers on four continents. “We are committed by our customers to compromising their environment,” says Gatford. “We use social engineering as a mechanism to access the organization, using ‘RAT-like’ functionality in commercial security testing tools to do our work.

“In our experience, when performing these tests, we are very rarely detected, and therefore most organizations are not able to detect it,” he says. “I would say the majority of Australian organizations would certainly not have the capacity to detect if they have been infected with RATs, if [the software] was used correctly by attackers.”

Using freely available RATs with names like DarkComet and BlackShades, Alex was able to control up to 1000 computers simultaneously. The two monitors in his Wauchope room have become a window to the world. “I had a guy in Vietnam who worked in a store,” he says of his “slaves”. “I had a whole Asian family that looked at the computer at the same time. I had a lot of ugly people; a guy in the ’90s or something, that looked like Santa Claus,” he says, laughing.

He clicked on people masturbating to child pornography. He didn’t like it at all. “I basically destroy their computer if I see them looking at this shit, because it’s just plain wrong.” With a few commands, he would delete the “system32” folder from their computer; without these files, Windows operating systems will not work.

But those days are behind Alex now. In mid-March, he posted a thread on HackForums saying goodbye to using remote administration tools. The 17-year-old feels he has learned everything about RATs. He had fun, made money. Now he is focusing on learning to code, while balancing his workload in grade 11. He enjoys software design, IPT and English, but hates math. He’s eager to go to college – something to do with computers, of course – and a career in penetration and vulnerability testing.

The only thing that stopped the teenager from accessing the computers of strangers without their knowledge was boredom. That initial buzz – that feeling of being “the happiest kid in the world” – has long since dissipated. Crude invasions of privacy have lost their luster. Alex maintains that he never touched any bank accounts while RATting: “This shit is lame,” he says. “I know people do it, but it’s a dog’s act.”

If he had been caught by the police – not that he had ever approached them – he would have justified his behavior thus: “I know it was wrong to steal virtual goods, but I didn’t do it for the wrong reasons.

“I did this for educational purposes. Hacking isn’t just about ‘bad’ things. Most people hack to learn.”

When asked if he’s proud of what he’s done, he laughs. “I kind of am! I felt bad when my things were stolen, though.” But was it good when you did it to others?


He pauses. “Now I’m confused… How can I say it? The RAT is bad and good. People do it for knowledge; people do it to steal shit; people do it to mess around. is something hackers these days need to learn, before they move on.”

Andrew McMillen (@NiteShok) is a freelance journalist based in Brisbane, Australia.
