You’ve heard of ransomware, cryptojackers, viruses and worms — but what about RATs? Remote-access Trojans, or RATs as they are called in the cybersecurity world, are some of the most nefarious malware on the web, yet they are some of the least-discussed by the media at large. If you want to keep your devices and networks safe, you need to know a bit more about RATs, like what they are, how they attack and how you can stop them from harming you.
The Anatomy of a RAT
As mentioned above, RAT stands for remote-access Trojan. As you might already know, a Trojan is a type of malware that gets into your device by pretending to be something it is not, usually a legitimate-seeming program like a music player or word processor. Typically, cybercriminals trick users into running the Trojan through some kind of social engineering, and once a Trojan is installed on a device, the malware can steal the data on your device and/or network and send it along to its author. Different types of Trojans have different precise goals, but all of them are bad.
Remote-access Trojans are the worst Trojans of all. This is because of the remote-access element of their name — these Trojans give cybercriminals access to your entire device. There are legitimate remote-access programs, primarily those used for tech support or remote employees logging onto a company network. RATs take the same technology and use it to covertly gain access to users’ devices and data.
Unlike ransomware and most viruses and worms, RATs aren’t made for a specific purpose, like logging keystrokes or demanding ransom fees. Rather, because RATs give hackers complete, anonymous control of your device, cybercriminals want RATs to linger and flourish on a device, providing unknown quantities of valuable data or network connections, for as long as possible. Most often, RATs are used like spyware, identifying useful login credentials, sensitive photos, private conversations and the like, but RATs could be used to access webcams to record private moments or to perform illegal activities using your home network as a proxy server. Most recently, researchers have identified a RAT called Saefko that steals cryptocurrency.
The worst thing about RATs is that they can linger on your device, unnoticed, for years. A remote device and network totally unconnected to one’s name is a valuable tool, especially for a cybercriminal. This means it behooves hackers not to reveal their RATs too soon. So, how do you go about smelling a rat? Keep reading to find out.
Keeping RATs out of Your Home
RATs are undoubtedly some of the worst malware to have on your device — but when it comes to avoiding or eradicating RATs, the job isn’t as intimidating as you might expect. Like other Trojans, RATs don’t live on real, legitimate software; they merely pretend to be legitimate, meaning you almost definitely won’t find them hanging out in trusted download spaces, like software developers’ websites, Google Play, the App Store or highly rated sites like Softpedia. You could easily pick up a RAT by downloading sketchy software from sketchy websites or from trusting software found in email attachments or on unknown USB drives. Generally, you can avoid RATs by practicing smart cyber hygiene — just like you can avoid real rats by maintaining your home and staying clean.
If you suspect that you already have RAT installed — perhaps because you have been wanton with your downloads in the past or have noticed a few strange behaviors from your device — you need not panic. RATs are much easier to eradicate from your device than rats are from your home. You only need strong antivirus protection to scan your device for signs of malware. Because most RATs use similar code signatures to other Trojans, your antivirus tool should flag, quarantine and delete them exceedingly swiftly.
The RAT might be the king of Trojans — and it might be something you should stay far, far away from — but it isn’t close to the most threatening malware on the web right now. With the right habits in place, you can avoid attracting a RAT onto your device or network, at least until RATs get smarter and start using other toolsand tactics for attack.