The Disturbing Technique Used to Control Computers and Spy Through Webcams That You Should Know About
We’ve reported about webcam hacking and spying in the past, but a recent report by Ars Technica is giving
an even more in-depth look into the scary world of people who can take
control of a person’s computer, peering into his or her life via webcam
all in the name of an unsettling game.
Ars Technica’s Nate Anderson begins his
story about RATs (remote administration tools) with an eerie scene: a
woman sits in front of her computer with a baby on her lap, voicing her
frustration over unwanted content popping up to a man who is in the room
but offscreen. The man presumes that someone has hacked their computer.
But little do they know the extent of the hack. As Anderson wrote, the
hacker has access to their screens, webcam, microphone, files and all
other content on the device.
At one point, the hacker messing with the family pops up a message on their computer screen that read “achoo!”
Anderson writes that these “ratters,”
as they’re called, might only be playing what they consider a game with
their victims but others hope to spy on intimate moments or search
computer files for erotic photos.
Here’s what Anderson reports a couple ratters saying about their activities online:
“Man I feel dirty looking at these pics,” wrote one forum poster at Hack Forums, one of the top “aboveground” hacking discussion sites on the Internet (it now has more than 23 million total posts). The poster was referencing a 134+ page thread filled with the images of female “slaves” surreptitiously snapped by hackers using the women’s own webcams. “Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums,” he continued. “It would be funny if one of these slaves venture into learning how to hack and comes across this thread.”[...]“I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG image files] that are ‘hidden’ unless u dig and dig and dig,” wrote one poster. “A lot of times the slave will download pics from their phone or digital camera and I watch on the remote desktop to see where they save em to and that’s usually where you’ll find the jackpot!”
Here’s one example of a ratter spying
and “playing” with their victim, who is working on her computer, by
popping up sites that are shocking and confusing to her (Note: Some
strong language):
What started as a hacking group’s
exposure of Microsoft’s poor security in 1998 has become a small-scale
industry for RATs that are as undetectable by protection software as
possible. Anderson explains that people simply have to run a file from
the ratter to become infected. Sometimes victims (slaves) are tricked
through Facebook messages and others on file-sharing networks.
Anderson reports about several
“handholding” tools that are available for aspiring ratters to pick up
hundreds to thousands of slaves. Anderson also noted that many of them
are coming up with methods to get around the webcam light that turns on
with most computers when it’s in use.
“Calling most of these guys ‘hackers’
does a real disservice to hackers everywhere; only minimal technical
skill is now required to deploy a RAT and acquire slaves,” Anderson
wrote. “Once infected, all the common RAT software provides a control
panel view in which one can see all current slaves, their locations, and
the status of their machines. With a few clicks, the operator can start
watching the screen or webcam of any slave currently online.”
Although many ratters are engaging in
illegal activity, Anderson said they are rarely caught. He also wrote
that there are some legal uses for RATs as well, like security companies
using the technique to find stolen laptops.
Still, what is to be done to prevent
such pervasive spying from happening to you? Anderson suggests people
use an anti-malware program and keep operating systems and plug-ins
(like Flash) up to date. Other common sense tips include avoiding
questionable forums and clicking on attachments in emails that seem
off-base.
“If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask,
‘Can I get some slaves for my rat please? I got 2 bucks lol I will give
it to you :b,’” Anderson wrote. “At that point, the indignities you
will suffer—and the horrific website images you may see—will be limited
only by the imagination of that most terrifying person: a 14-year-old
boy with an unsupervised Internet connection.”
As for removing a RAT from an infected computer, users on the forum Hack This Site suggest
wiping the hard-drive completely clean and restoring the computer to
its factory settings (the condition it was in when you received it).
Hack This Site’s users also pointed to Microsoft’s TechNet post on RATs. Here’s a portion regarding next steps:
After you detect and eradicate RATs, a larger question looms: Did the remote intruder collect information that could harm you in the future? Answering that question in the confines of this article is difficult, but consider the following information to determine risk. How long has the RAT been around? Although you can’t always rely on file-creation dates, use Windows Explorer to see when the RAT executables were created or last accessed. If the executable was created in the distant past and the last access was recent, an intruder could have been using the RAT over a long period. What type of activity did the intruder perform on the compromised machine? Did the intruder access confidential databases, send email, or access other remote networks or directory shares? Did the intruder have administrator rights? Look on the compromised machine for clues, such as files and programs with access dates and times outside the end user’s usual business hours. In low-risk environments, most end users eradicate the RAT and work hard to prevent the remote intruder from returning. Compromised users might want to consider changing all passwords and other potentially revealed information (e.g., credit card numbers, PIN).
Be sure to read Anderson’s full post
on Ars Technica for more details about the nefarious activities of
ratters and how the technology works here.
–
Related:
Looking for breaking news and commentary on the stories that matter to you? Start your two week free trial with TheBlaze TV today and tune in every night for The Glenn Beck Program, Real News, Wilkow! and more.
No comments:
Post a Comment