Security researchers at Check Point have recently identified a new strain of malware that seems to be a Frankenstein’s Monster created by combining two older strains.
Dubbed ‘Rogue RAT,’ this deceptively simple bit of malicious code gives anyone who uses it the ability to record your calls, steal your passwords, read all of your messages (text or email) and more.
Even worse is the fact that the hackers behind the code are now selling it on the Dark Web for as little as $29.99 a copy. That’s grim news indeed, because it puts a surprisingly powerful hacking tool in the hands of anyone with thirty bucks to spare, whether they have any actual hacking skill or not.
At the root, Rogue RAT is a keylogger, allowing a hacker to infect a target system and keep track, keystroke by keystroke, everything the user does on that system. Every time the user logs into his or her bank, or any other password protected sites, the controllers of the malware wind up with that information. It gives them the keys to the target’s virtual kingdom and allowing them to cause no end of trouble for an unwary or unobservant victim.
Recent updates to Rogue RAT also allow it to monitor the GPS position of the target, activate the camera to take pictures, activate the mic to record phone calls or in-person conversations happening within proximity of the infected device, and more.
Complicating the issue further is the fact that since it’s widely available, there’s no one preferred method of infection. That depends on the person who bought the malware. Although in practice, many use simple phishing techniques, attaching a poisoned file to an email and relying on social engineering techniques to tempt the recipient into opening the file.
In any case, Rogue RAT is a legitimate danger and should not be dismissed or discounted. Ignore it at your peril.