SophosLabs’ latest research report is dedicated to the intriguing case of the RATICAT gang.
These messages are made to be fascinating to read, because they reveal the workings and recent development of a group of cyber criminals we have called RATicate who seem to be looking for money in a series of malware-related cakes.
In fact, these scammers are prey to a large number of companies in many sectors, at least in Europe, the Middle East and Asia.
RAT stands for Remote Access Trojan, a malicious program designed to configure a computer so that attackers can send unauthorized commands over the Internet, if you are not already familiar with the word used in articles on cyber security. Hop over to these guys Windows Plesk server support.
A RAT infection means that fraudsters can have your computer perform a number of problematic actions, including
- A report with a detailed inventory of the computer, including installed software, network connection and speed, configuration settings and license keys.
- If you go through your files, look for trophies that are worth stealing.
- Check your keystrokes and network traffic hoping to obtain passwords and tokens for network authentication.
- Launch criminal attacks on other networks and computers so that the source of the attack can be traced immediately.
- They send huge amounts of spam and fraud, so any attempt to block the list of offending messages will affect your Internet connection and leave the scammers intact.
- Sneak screenshots to keep track of what you’re doing online.
- Activate the webcam remotely to keep an eye on you while working on your computer. (Some laptops are equipped with webcam lights that can be turned off independently of the camera to hide that the webcam is turned on).
- Downloading and installing additional malware on your computer, possibly as part of an underground service to spread malware from other scammers for a fee These malware updates can lead to a ransom attack.
In media reports, the term RAT is often used to refer to remote management malware intended primarily to abuse your webcam, usually for malicious purposes – the word RAT is used metaphorically to describe the sinister nature of the scammer who used it.
Here at Naked Security, we have reported numerous cases of malicious attacks on the TAR, including some involving a Blackshades Trojan, a sadly offended American student who admits his guilt for spying on some 150 young women with their webcams in 2014.
However, as you can see from the list above, TAR can also be used for other purposes. You will often hear them as robots or zombies, because they turn your computer into the secret servants of cyber criminals that can be found almost everywhere in the world.
