Top 5 Remote Access Trojans

Introduction to RATs

Once a hacker has gained initial access to a target machine, expanding and solidifying that foothold is the next logical step. In the case of a phishing attack, this involves using malware to take advantage of the access provided by the email.

A common way of expanding this beachhead on the target machine is through Remote Access Trojans (RATs). This type of malware is designed to allow a hacker to remotely control a target machine, providing a level of access similar to that of a remote system administrator. In fact, some RATs are derived from or based upon legitimate remote administration toolkits.

The primary evaluation criterion for a given RAT is how well it allows a hacker to accomplish their goals on the target computer. Different RATs are specialized for certain purposes, but many of the top RATs are designed to provide a great deal of functionality on a variety of different systems.

The top RATs

Many different Remote Access Trojans exist, and some hackers will modify existing ones or develop their own to be better suited to their preferences. Different RATs are also designed for different purposes, especially with RATs geared specifically to each potential target (desktop versus mobile, Windows versus Apple and so on).

Comparing different RATs across the board is like comparing apples to oranges. However, some RATs stand out from the rest within their particular areas of expertise.

1. The hacker’s choice: FlawedAmmyy

When trying to identify which malware variant is the most effective, it’s useful to take a look at what hackers are actively using. When it comes to RATs, FlawedAmmyy stands out as a clear modern favorite among hackers.

FlawedAmmyy is a RAT that was developed from the leaked source code of the Ammyy Admin remote administration software. It has been used (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Howard Poston. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/KrQCgP3Dm8Y/