What is a RAT?
In the late 1990s, when the internet was still young, it was common for tech-savvy kids to scare their friends by controlling their PCs remotely. They would eject the CD tray, swap the mouse buttons, or change the desktop colors. To the unwitting user, it looked like a ghost was taking over the machine.
Those were the years that marked the birth of remote access Trojans (RATs), malicious software that allows an attacker to gain unauthorized access to a victim’s computer over the internet. RATs are typically installed without user consent and remain hidden to avoid detection.
These things set them apart from a benign type of software with a somewhat similar name, Remote Access/Administration Tool. This category includes computer programs such as TeamViewer or LogMeIn that are legitimately used by system administrators, as well as teenagers trying to fix their grandparents’ PCs.
It’s the malicious remote access software that interests security researchers Veronica Valeros and Sebastian García at the Czech Technical University in Prague. The two have spent the last few years trying to analyze the evolution of this type of malware, studying no less than 337 well-known families, looking at things such as functionalities, quality of the software, and purpose.