27 March 2013

"Remote administration tools" explained

The woman is visible from thousands of miles away on a hacker's computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman's screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman's computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A young man steps into the webcam frame. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked men appears in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."...

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than 23 million total posts). The poster was referencing a 134+ page thread filled with the images of female "slaves" surreptitiously snapped by hackers using the women's own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these slaves venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have nearly complete control over the computers they infect; they can (and do) browse people's private pictures in search of erotic images to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising...

Welcome to the weird world of the ratters. They operate quite openly online, sharing the best techniques for picking up new female slaves (and avoiding that most unwanted of creatures, "old perverted men") in public forums. Even when their activities trip a victim's webcam light and the unsettled victim reaches forward to put a piece of tape over the webcam, the basic attitude is humorous—Ha! You got us! On to the next slave!..

Today, a cottage industry exists to build sophisticated RAT tools with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is currently "FUD"—fully undetectable...

Additional grim details are available at Ars Technica, via Get Cynical, which recently underwent a near-death experience, but is now alive and kicking again.

2 comments:

  1. Why I put tape over any camera I am not using.

  2. I have just put tape over my Pentax film camera.
