What is RAT
<blockquote data-quote="Greenhost" data-source="post: 386" data-attributes="member: 20"><p>Hello. Those who have already watched my past video now know what a RAT is. Today I will tell you about the most famous and effective remote access Trojans. Don't even think about using them =)</p><p></p><p>For those who have forgotten, RAT is a remote access Trojan. In simple words, it is malware that allows a hacker to take full control of an infected device. That is, an attacker can either draw genitals in your Paint or extort a ransom for stolen confidential data. RAT is a very powerful tool that opens up a wide range of actions. I think this is, so, understandable, so let's move on to the most outstanding representatives.</p><p></p><p><img src="https://www.f-secure.com/virus-info/v-pics/bo2kcfg.gif" alt="bo2kcfg.gif" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>Back Orifice</strong></p><p>The whole movement started back in 1998, although many claim that RAT is just over 10 years old. It was at that bearded time that the grandfather of all modern rats, Back Orifice, appeared. It was created by members of the legendary hacker group "Cult of the Dead Cow", about which I will probably release a separate post. Initially, the Trojan was released for Windows 95 (then there were versions for 98 and XP) and it made a lot of noise, as it allowed full remote access to the victim's computer, and even had a nice interface. In general, the program itself is harmless at first glance. It would seem like an ordinary TeamViewer, if not for one thing. After the inconspicuous bo2k.exe file got on the computer, it gradually penetrated into all system files and seized control over them completely unnoticed by the user. Most interesting of all, BO provides a user with more options on a remote Windows computer than the user of that computer has. 
Quite ironic, so it is not surprising that it was quickly classified as a Trojan, and the creators were not too shy.</p><p></p><p><img src="https://lenium.ru/wp-content/uploads/2018/01/DarkComet-RAT_14.jpg" alt="DarkComet-RAT_14.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>Dark Comet</strong></p><p>One of the first "modern" Trojans, which was created in 2008 by the French hacker Jean-Pierre Lesueur. He successfully sold his invention to Africans who tried to break the computers of the American government, after which he still had to pay attention to the malware. The functionality of this rat is not so extensive. From the key one can write a screen and collect passwords, and from the secondary one can turn on and off the computer remotely. Interestingly, Dark Comet was used by the Syrian government to spy on citizens.</p><p></p><p><strong>Mirage</strong></p><p>The invention of the Chinese Communist Party sponsored hackers. The most politicized RAT, as it was used mainly for spying on foreign governments, as well as sabotage in large companies in the period from 2009-2015. It got to computers via email newsletter with an attached PDF file with a surprise. An updated version of this Trojan is still being recorded, so the Chinese are not asleep.</p><p></p><p><img src="https://i.postimg.cc/bYn2CjrN/Screenshot-3.png" alt="Screenshot-3.png" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>Orcus</strong></p><p>In 2016, a couple of cunning entrepreneurs from Canada founded Orcus Technologies, whose main product was an analogue of the Orcus TeamViewer. But the software turned out to be not so harmless, because it can be installed without the knowledge of the computer owner. The authorities missed the topic and issued a not sickly fine to the creators, and even a criminal offense to boot. Nevertheless, Orcus is still one of the most popular RATs, providing excellent functionality and a user-friendly interface. 
Through it you can do absolutely everything, only on someone else's computer.</p><p></p><p><strong>Mobile RATs</strong></p><p>Hello, today we have a second post about RATs (warriors), only this time for mobile devices. Interestingly, there are no less of them, and the functionality, in some places, is even more interesting.</p><p></p><p><strong>Droid Jack</strong></p><p>The most popular warrior on Android is by far the Droid Jack. The popularity of this software is mainly due to the positioning of their product by the developers. First of all, Droid Jack was created for convenient control of a smartphone from a PC, but the fact that it is used for espionage is already a classic dilemma of traders in TOR and terrorists in Telegram. Everything has a price. The software itself is freely available for a pretty impressive $210. What do we get for this money?</p><p></p><p><img src="https://www.redherring.com/wp-content/uploads/2015/10/DroidJack.jpg" alt="DroidJack.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p>DroidJack allows you to transfer the current GPS coordinates of the device, manage incoming and outgoing calls, record phone conversations, read and send SMS, messages in WhatsApp, view browser history, list of running applications, copy contacts, receive images from the built-in camera, control volume and much more. A pretty good arsenal.</p><p></p><p><img src="https://i.ytimg.com/vi/cpWkljxMT58/maxresdefault.jpg" alt="maxresdefault.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p>True, in order to put it on the victim's mobile phone, you will have to unnoticeably enter the agro-industrial complex. Well, either social engineering, it's already a matter of skill. The Droid Jack also has a budget-friendly Omnirat that could be gotten for as little as $25. 
As it is now, I don't know, but the functionality was approximately identical.</p><p></p><p><img src="https://media.kasperskydaily.com/wp-content/uploads/sites/90/2017/04/06040353/pegasus-mobile-spyware-featured-1.jpg" alt="pegasus-mobile-spyware-featured-1.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>Pegasus</strong></p><p>Legendary spyware created in the secret laboratories of the Mossad. Most likely it will not be possible to get it, since it costs a couple of million green and is sold only to “their own”. So if you are not a member of some global organized criminal group, or not the leader of at least a small state, you’re sorry. But the possibilities of Pegasus are even nothing.</p><p></p><p><img src="https://images.thequint.com/thequint%2F2019-10%2F076feb8e-c1c5-4fda-92c6-cdec1d63994e%2Fhero.jpg?rect=0%2C0%2C2000%2C1125" alt="thequint%2F2019-10%2F076feb8e-c1c5-4fda-92c6-cdec1d63994e%2Fhero.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p>Keylogging, taking screenshots, reading SMS and email, copying browser history, listening to phone calls and much more. Best of all, it runs on iOS without Jailbreak. It is almost impossible to detect this Trojan since it has a self-destruct protocol. In short, real Bond software. The first time Pegasus was burned in 2016, but no matter how hard Tim Cook tried, new versions continue to be released.</p><p></p><p><img src="https://camo.githubusercontent.com/79e87069d44474f85c676b82bd97881cd01ee455c1f8d7d41310e7e37184177e/687474703a2f2f692e696d6775722e636f6d2f6e4854474748692e706e67" alt="687474703a2f2f692e696d6775722e636f6d2f6e4854474748692e706e67" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>AhMyth</strong></p><p>The most beloved warrior of any self-respecting schoolboy. You can download it absolutely free from GitHub. We put the program on the PC, generate the RAT of the APK, enter it on the phone of our classmate and successfully hide it. Voila. 
Now you can track for hours and eavesdrop on your first love. In general, the software is quite interesting and multifunctional. I strongly recommend not using it!</p><p></p><p><strong>Rat protection</strong></p><p><strong>How does the infection take place?</strong></p><p>First, let's analyze how the RAT can get to your device. It is worth highlighting 2 main points here: physically (through a USB flash drive, cable) or through social engineering (when you yourself install a Trojan hidden in some harmless file). In the first case, everything is simple.</p><p><img src="https://realadmin.ru/assets/images/articles/usb/securusb.jpg" alt="securusb.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p>If some left-handed type puts something into your device, you should already strain yourself and take into account the possibility of installing an infected APK / program. In the second case, you just need to follow the basic rules of digital hygiene - do not go to dubious sites, do not open files from strangers and check all new programs on VirusTotal.</p><p></p><p><img src="https://i.ytimg.com/vi/zDXFhszyaIk/maxresdefault.jpg" alt="maxresdefault.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p><strong>How do you know if you have a rat?</strong></p><p>But even such simple rules will not be able to secure your device 100%. Perhaps the Trojan managed to sneak up unnoticed. What then? There are many factors that can betray his presence.</p><p></p><p><strong>Bullying</strong></p><p>First and most obvious. An attacker will impersonate himself by carrying out suspicious activity on your device. Files will start to disappear, various tabs and programs will open. Perhaps he will even write something to you in a notebook. This is a bad signal and you need to smoke the pest as soon as possible. In the worst case, the monitor may go out, or the drive may turn off.</p><p></p><p><strong>Glitches</strong></p><p>The most common rat signal. 
The device starts to dull, the Internet too, there is high outgoing traffic.</p><p></p><p><strong>Theft</strong></p><p>The worst thing that can happen is that the attackers have already achieved their goal - they stole your passwords. This can be understood by suspicious activity on your social networks, or, in extreme cases, on a bank account.</p><p></p><p><strong>Software</strong></p><p>So, we got a rat, what should we do? In most cases, antiviruses will not help, since the warriors are sharpened under disguise from them. We will need special services to detect network intrusions. For example, Fortinet, Suricata, or Snort products. With their help, you can detect suspicious processes, as well as delete a malicious file. If you are attacked by a simple warrior, the same operation can be done through the process manager. We find the suspicious process and turn it off, then delete the warrior himself. To achieve even greater security against RAT attacks, you can install a firewall. For example Comodo Firewall, ZoneAlarm, GlassWire and others.</p></blockquote><p></p>