About
Remote Administration Tools (RATs) are programs that allow remote control of computers they have been installed on. The applications are often used by hackers as the payload of a Trojan horse, giving the user access to the victim’s machine without their knowledge or consent.
History
Back Orifice
The RAT program “Back Orifice” was created by the hacker group Cult of the Dead Cow (CDC) and allows users to control Internet-connected machines running Microsoft Windows from a remote location. The application name was intended to be a parody of Microsoft BackOffice server products. The tool was released by the CDC on August 1st, 1998, at the DEFCON hacker convention in Las Vegas, Nevada. According to the group, the program was created to illustrate the lack of security in Microsoft’s Windows 98 operating system. Back Orifice was often delivered to machines as a Trojan horse program, a type of malware unintentionally installed by users. On July 10th, 1999, an updated version of the tool named “Back Orifice 2000” (BO2k) was released by the CDC at DEFCON 7. The new version had several additional features, including a plugin architecture and the ability to be installed on several different versions of Windows.
Bandook
Bandook is a Trojan horse RAT that can be used to control a remote machine running Windows NT family systems in a variety of ways, allowing the hacker to access the computer’s file system, take screen captures and log keystrokes. The application was developed by the Nuclear Winter Crew[7] hacker group in 2005, who specialize in creating spy, surveillance and computer security programs.
CyberGate
CyberGate[8] is a RAT that works on most Windows operating systems which allows the user to control multiple machines simultaneously.
DarkComet
The DarkComet RAT[10] comes equipped with a “Fun Manager,” which allows the attacker to prank a victim by performing a variety of actions, including hiding parts of the screen, disabling the start button, disabling the task manager and opening the CD tray.
Online Presence
Several hacker forums have sections dedicated to discussing the use of RATs, including Hack Forums,[1] Hack Community[2] and VIP Hack Forums.[3] Beginner’s guides to using RATs have been posted on the websites Hacker 101[4] and Anarchy Forums.[5] On March 10th, 2013, the technology news blog Ars Technica[9] published an article about the malicious use of RATs, which specifically investigated men who used the applications to spy on women. The article noted that women victims were often referred to as “slaves” and showed screen captures of women that had been shared on Internet forums.
Videos
Several YouTubers have uploaded recordings of RATs being used on unknowing victims, many of which send messages to the user or direct their browser to shock sites.
Search Interest
External References
[1]Hack Forms – Remote Administration Tools
[2]Hack Community – Remote Administration Tools
[3]VIP Hack Forums – Remote Administration Tools
[4]101 Hacker – Introduction to RATs
[5]Anarchy Forums – Remote Administration Tool&
[7]Nuclear Winter Crew – About
[8]Cyber Software – Cyber Gate
[9]Ars Technica – Meet the men who spy on women through their webcams
[10]Dark Comet RAT– Dark Comet RAT