Malware-as-a-service allows victim management

June 22, 2012 – 5:34 AM

A big amount of the malware out there are RAT (Remote administration tool) samples. This is software created by people specialized on it, people that develop, improve and sell their tools. It has capabilities that let the attacker spy on the victims with actions like screen capturing, keylogging, password stealing, command execution and remote access and controlling. Clients of these services usually pay to gain access to the tools and additional services like support, zero or low antivirus detection. Below is a description of such a service that AlienVault have been observing: Clients pay for the service and then they gain access to a web portal where they can generate personalized Trojans, manage the infected victims via the web browser and host the malware on their “cloud”. Creators promote itself as a service to remote control computers and “recover passwords”. This means that clients don’t have to mess with almost any technical issues, and they don’t need special skills or knowledge. The providers supply the tools, the hosting, and the Command and Control server. When the client logins to their personal account they can see the main menu, tutorials and shortcuts.


You must be logged in to post a comment.