RAT Hackers Targeting Women, Children for Fun and Extortion
If you’ve used services like WebEx or Skype then you’re probably familiar with desktop sharing technology. In a nutshell, desktop sharing allows someone to remotely control someone else’s computer, meaning they can access files and launch applications as if they were on their own computer. In applications like this, desktop sharing technology is totally legal, but like with geotagging technology, there are those who choose to abuse it.
Ars Technica recently reported on the details and hacker culture behind the Remote Administration Tool, or RAT for short. According to Ars, the RAT has been around since 1998 and was originally created for purposes like remote tech support and employee monitoring. But today, the technology is used differently, almost mimicking the way some people misuse video chatting technology, social networks and geotagging information. And furthermore, it’s all very accessible to the general public with forums like Hack Forums and how-to books like Rusty_v’s Spreading Guide v 7.0.
Today, a cottage industry exists to build sophisticated RAT tools with names like DarkComet and BlackShades and to install […] them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built “crypters” to disguise the target code further. Today, serious ratters seek software that is currently “FUD”—fully undetectable.
How It Works
The RAT gives hackers, or “ratters” (as Ars so appropriately named them), access to a victim’s (which ratters refer to as slaves) entire computer. Access is granted when the victim downloads the RAT software, which is usually embedded in popular music, movie and video game torrent files. Once in, ratters can activate your webcam, run applications, surf the Internet on your browser or just copy all the files from your computer to theirs. They can also employ more sophisticated techniques to record your website login credentials, which, as you can imagine, open up the door to private information like your credit cards and account numbers, making you a prime candidate for identity theft. And since they have access to your entire computer’s hard drive, ratters can use any private files or intimate photos that they find as leverage to blackmail you.
Like most cyberbullies, these ratters are merely trying to get a reaction out of their slaves by posting pornographic links in their browser, opening their optical drive or sending them creepy messages through Skype. At the same time, a lot of hackers in the community openly oppose misuse of the RAT by warning other users of the legal consequences or simply asking them to put themselves in their victim’s shoes.
Other ratters have a soft spot for certain scenarios. Taking over other people’s computers might not be bad, spying on them might be OK, but making young children cry might cross a line.
But not all ratters stop there. Some go as far as selling those intimate photos and that private information to other users in the Hack Forum community, for example. And as Ars reported, ratters are usually men with a collection of slaves that are typically young, attractive women.
“Man I feel dirty looking at these pics,” wrote one forum poster at Hack Forums, (it now has more than 23 million total posts). The poster was referencing a 134+ page thread filled with the images of female “slaves” surreptitiously snapped by hackers using the women’s own webcams. “Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums,” he continued. “It would be funny if one of these slaves venture into learning how to hack and comes across this thread.”
If the technology is too much to handle, no worries! More “successful” ratters rent out their slaves for a fee, or simply give them away for free in a “Free Girl Slave Giveaway”.
How to Protect Yourself
As Ars puts it, “RATs aren’t going away, despite the occasional intervention of the authorities. Too many exist, plenty of them are entirely legal, and source code is in the wild.” To stay clear of this virus, there are a number of things you can do—or better yet, shouldn’t do. First, make sure to keep your computer’s operating system, plugins (like Java for Flash), anti-virus programs updated. If you don’t have an anti-virus or anti-malware program, buy one today; they’re worth the investment. Second, don’t shop in online stores that you’ve never heard of and don’t open email attachments that look shady. Third, don’t download torrent files. Instead, try streaming movies and TV shows through services like HuluPlus, that way you can still have access to the content without worrying about the security issues that come with downloading.
A good indicator that your computer has been infected with the RAT virus is the webcam light that turns on whenever the webcam is being used. Not all webcams have this light, though, so this is not a fail proof way to determine if your computer’s been infected. But if yours does have a light, and it’s acting weird, then the best thing you can do is put a piece of tape over it. Sadly, disabling your webcam through your system settings won’t do very much as the ratter can simply go in and reactivate it. Then, run a full system check on your computer through your anti-virus software.
All images used here are from Ars Technica.