Remote administration tools: new threats

We are not talking about rodents. RAT stands for Remote Administration Tools. While these tools were intended to provide remote support, they are now increasingly being used to spy on others as well as monitor the behavior of others’ computers. A RAT is an advantage when you can’t resolve an issue you’re facing and tech support takes over your team to fix the problem. A RAT is a bane when you don’t know that all your data is available to “someone” “somewhere” on the planet.

Remote Administration Tools – RATs

Windows also provides remote assistance. If you don’t feel the need for Remote Administration Tool(RAT) software and want to protect your computer, start by unchecking the “Allow remote assistance connections to this computer” checkbox in the Remote in System Properties dialog box system) that appears when you right-click the Computer icon and then select Properties from the resulting context menu. If you need remote assistance, you can request it and enable or disable some of the settings as advised by technical support.

Although I have mentioned Windows above, I am not limiting the problem/dangers of Remote Administration Tools to any particular operating system. It can be any operating system where someone has installed a RAT component on your computer or smartphone, with or without your knowledge. There are different types of RAT software and one or more may be supported by your operating system. The use of remote administration tools is not limited to heavy computers. They are also available for smartphones – again to see what you are doing, your location, your contacts, etc.

What can a RAT do – Dangers?

Wikipedia has a page on remote administration tools and associates the RAT with criminal activities instead of projecting them as useful tools for remote administration. I also checked the website of a reputed software RAT. He also talks about spying on other’s computers and phones.

If you visit the WinSpy home page, your IE smart screen will show you a warning!

From there, it appears that the dangers of RAT outweigh the benefits. On the benefit side, I only see the option to remotely connect with a client. Of course there are many things that a RAT can do:

  • See what is displayed on the host computer(s)
  • Transfer files/data to/from host computer(s)
  • Control the computer using shell commands
  • Capture images when motion is detected
  • Send the location of the computer to a remote control device (the RAT client)

The above is not a complete list of what a remote administration tool can do. But these five points can tell you how vulnerable you are. If you are purchasing one of these RATs for your own purpose, such as child monitoring and/or to see how an employee is using their computer, you may be satisfied with the performance of these types of software. But when you are a subject in such an environment, the RAT is collecting your data and sending it to someone somewhere in the world who can later misuse the data or render your computer useless after scanning all the data it contains he or she wants.

Prevent the illegal use of rats

1] Be careful when opening emails from unknown senders and especially when clicking on attachments

2] Use a strong user login password, as RATs can be physically install and hide when not on your computer.

3] Most of the time, it gets install using a Trojan. Naturally, you will need good anti-malware software to detect and isolate the remote access Trojan before it can install any kind of script on your computer.

4] If any RAT software is being install on your corporate device, check the type of tasks that remote administration tools can perform. That will help you stay on your guard.

5] If you do not use RATS, do not allow Remote Assistance connections to your computer as mentioned above.

6] Always use an updated and patched operating system to reduce the chances of RAT downloads affecting the drive.


Leave a Reply