Four steps to exterminating RATs controlling your computer

Unless actively pursued, damaging remote access trojans have the ability to live years undetected

With trojan detection numbers on the rise, the attention of security professionals is turning towards the packages which facilitate them.

Remote access trojans (RATs) are a type of malware program that allows hackers to covertly gain administrative control over a victim’s computer. Malicious RAT programs work by infiltrating the computer then connecting back to the hacker, giving them unauthorised access from a remote location.

Related Resource

Decade of the RATs - remote access trojans

Cross-platform APT espionage attacks targeting Linux, Windows and Android

Download now

RATs can be as damaging as they sound. Once scurrying around your computer, RATs enable hackers to use your microphone and camera, record on-screen activity, alter personal files, and distribute further malware to other networks. If left unopposed, RAT infections will only worsen.

Advertisement - Article continues below

Fortunately, there are a series of techniques which can be employed to prevent and remove RATs. Read on to learn how to safeguard your computer and keep RATs in the cage.

Individual awareness

Rather obviously, the best way to remove RATs from a computer is to avoid getting them in the first place. The most common route a RAT takes into a computer is through downloaded files, typically sent as attachments in emails.

For organisations with large hubs of administrative staff, meaning a greater number of email addresses to target and a larger risk-surface, employee-awareness of phishing practices must be heightened through comprehensive and recurring training; phishing tactics evolve and so blanket one-day training isn’t sufficient. 

Advertisement
Advertisement - Article continues below

Knowing not to open email attachments from unfamiliar addresses, or even the email itself, is a vital step to curtailing malware. Nor should files be downloaded from untrustworthy sources on the web, both of which allow organisations to remain vigilant and clear of any RATs.

Patch management 

The second preventative measure is to ensure patch management is constantly up-to-date. Updates are deployed for good reasons, and so it’s essential they are promptly downloaded for both operating systems and browsers alike.

Advertisement - Article continues below

Any time where updates are avoided, whether due to employees being unaware an update is available or if patches are viewed as irritating disruptors to workload, creates a window of opportunity for hackers. For those struggling to keep on top of patch management, it may be time to invest in a patch management tool.

Follow the trail of crumbs

If the worst comes to pass and efforts of prevention are undermined, it’s time to move into the location and removal phases. However, RATs can only be removed once they have first been detected. Therefore it’s vital to know and recognise what signs to look for, the trail of crumbs left by the RAT.

One of the less obvious signs is a slower network connection. Being a symptom related to many ailments, even seasoned IT professionals can be forgiven for experiencing connection issues and not immediately accusing invisible RATs. However, chances are that given a slower operating speed an autopsy is carried out, likely resulting in the inspector coming across an unexpectedly open IP port. This is a clear giveaway that there could be a RAT lurking in the shadows. Also look out for altered or deleted files, and unknown programs installed onto the device.

Advertisement - Article continues below

When suspicions are raised, it’s them time to install security software from a trusted and reliable source - here, exercise caution. Ideally, the computer would be disconnected from the internet to ensure the security probe can itself work undetected. After a full security scan, follow the recommended steps listed by the security software to remove the threat. Once the infection has been successfully removed, all details should be considered compromised. Passwords should be changed and accounts explored to scope out the damage. 

Trojan removal tools

Ordinary antivirus scanners aren’t likely to detect encrypted RATs, proven by their ability to live undetected in computers for years. Utilising reputable antivirus and anti-malware solutions do help ensure RATs are unable to properly function, and assist in mitigating any data-collection activities, however the best way to target and remove RATs is through investing in an intrusion detection tool.

Intrusion detection tools are efficient and able to automate much of the removal process. They can contain signatures that can detect trojan packets within network traffic, and if properly configured, can even reliably detect encrypted traffic. Security administrators continue to rely on trojan-specific scanners as they are the only pieces of software that can consistently stamp out a RAT. 

Advertisement - Article continues below

Here, the saving grace is that RATs take a lot of time to construct. Typically those employed by hackers are acquired rather than built, meaning that trojan scanners or even more general anti-virus software is able to pull them up. As they are a time-consuming method of attack, they are also generally saved for larger corporations where they provide hackers with a decent ROI. However, since any computer is a target, there’s pay in being prepared.

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement
Advertisement

Recommended

What is a Trojan?
Security

What is a Trojan?

15 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020