Welcome to the LDI Blog

Stay in the know! Keep up to date on our exciting ventures, our partners, the newest technologies, and more.

LDI Blog

Does Your Computer Have a RAT Problem?

April 16, 2018

As today’s dynamic business environment continues to grow, systems that were previously contained (or “closed”) have moved on to the cloud and are opened up to remote access and control. Unfortunately, hostile parties can take advantage of these“open” systems and are prepared to exploit any vulnerability.

RAT_problem

Meet the RAT hiding in your system

Threats to your firm’s data can come from many sources, but one of the most damaging malware infections can come from a Remote Access Trojan (RAT). If you’ve heard of a Trojan viral infection, then you understand that the virus might look like a legitimate program, but once given access to your network it’s ready to cause lots of damage. What sets a RAT apart from a regular Trojan virus is that it doesn’t just slow down your system, but it gives the hacker remote control.

The level of control depends on what type of RAT you are faced with and its mission. For example, it could gain access to all your passwords through a technique known as “key logging.” This enables the hacker to record every keystroke you make and as the infected party you will remain unaware that anything is wrong. The hacker will get access to sensitive data, like credit card numbers and could even turn on your computer’s webcam to spy on you! 

Know your RAT species

Two types of RAT are most common. The Adwind RAT and The Qrypter RAT. Both spread through spam emails, and even if you are used to them they can be very convincing. The Adwind RAT will imitate the Swift network messages used by financial institutions. It creates a notification from a “trusted” financial source that urges users to check out the attached document to verify correct account information. Once clicked and opened, the RAT goes to work. Recent news reports indicate that several attacks have occurred from IPs located in Cyprus, Turkey and The Netherlands.

The Qrypter RAT was developed more recently as Malware As A Service (MaaS) model. This is where the creators of the virus rent the RAT out to criminals rather than managing the virus themselves. Qrypter is currently targeting financial institutions worldwide, and as of March 2017 has infected 243 companies.

Stop the RAT in its tracks

It is important that businesses educate its employees on the dangers of malware infections, and as GI Joe used to say, “knowing is half the battle.” Never open attachments from phishing emails and if you’re not sure you are being phished always err on the side of caution, and get your IT professional to take a look.

While some security experts recommend you invest in a licensed anti-spyware tool, its more important that employees follow safe web browsing protocols – because its always better to prevent a RAT from getting into the system in the first place.

If you’d like to learn more about network security threats and see if your systems are safe, connect with our experts at LDI CONNECT

 


James Herold
James Herold

James is an award winning sales leader and IT Account Manager at LDI and has been in office technology sales for more than twenty years. His focus is helping companies gain greater efficiency from software and hardware solutions through best practices. James has demonstrated the ability to guide organizations through the complex worlds of IT security and help facilitate regulatory compliance.

Topics: LDI CONNECT, Managed IT