From hundreds of miles away, a man sits at his monitor watching an unsuspecting woman use her computer, undress and go to sleep. She has no idea she’s being watched. The remote attacker has installed software to control her webcam. What’s worse, he’s recording all of her actions and posting those videos on YouTube or trading the videos with other voyeurs online.
R.A.T. Remote Access Tools
This scenario is happening more and more; there are myriad photos and videos available online indicating the practice is getting easier and more popular with an online community called Ratters. They use Remote Access Tools (R.A.T.s) to activate the webcams of compromised computers and record video of unsuspecting users. They call the owners of these infected computers “slaves,” and compromising videos, especially of female slaves, are openly traded, and posted on YouTube.
The practice of taking over a computer is not new. Hackers have produced software for years that gives complete control of a machine to a remote attacker. Aspects of these tools are also common in the IT field for offering remote tech support. But what’s new is the community of remote attackers who have formed in hacking forums to share or trade access to the enslaved computers and talk about their exploits.
In a detailed article on Ars Technica
, journalist Nate Anderson probes into the members at hackforums.net, which he says has more than 134 pages of posts featuring captured images and video of female slaves. Some are recorded from webcams, and others are videos or images found on the hard drives of compromised computers that their owners thought were private and secure.
Beyond invading a victim’s privacy, Ratters have tools in their software to scare or annoy remote victims. They can open and close their DVD drives, display graphic images on screen, have the computer read aloud using text-to-speech applications, or even hide the start button.
Victims are infected with remote access tools the same way many viruses spread: opening attachments, drive-by downloads from sketchy sites, downloading files from torrents or file-sharing sites, or being tricked into clicking links through social media sites.