Home » The Internet » Spy RATter’s

Spy RATter’s

A Google search of the word RATters reveals either people with a passion for little dogs chasing rats and mice or perverted men using remote access software (RAT) to take control of young girls webcams, take compromising pictures of them to display and swap on slaver forums. The pervert spying came to light in early 2013 in a comprehensive article in Ars Technica. The article claimed that one of the ‘slave forums’ had 23 million total posts.

The technology is not new so it begs the question of which came first, the chicken or the egg. Were government surveillance agencies already using it and young perverts adapting it later, or were young perverts leading the way for government agencies to emulate? A recent article in the Washington Post has claimed that the FBI has been spying on its “persons of interest” via their webcams for several years already, without triggering the webcam indicator light.


At least one judge in a rare case of protecting individual privacy rejected an FBI request for remotely activating video feeds in a bank fraud case in Houston, Texas, in December last year. The judge ruled that the risk of accidentally obtaining information of innocent people was too great.

FBI surveillance teams use the same technique as ratters, by infecting the computer with a malicious software (malware – through phishing). By sending an email with a link, which could be to a website, an image or a video, the user is tricked into downloading a small piece of software onto their machine. Once installed, the malware allows the FBI to take control of the computer and the webcam at any time, working similarly to the system large corporations use to update software and fix IT problems.

“We have transitioned into a world where law enforcement is hacking into people’s computers, and we have never had public debate. Judges are having to make up these powers as they go along.”
Christopher Soghoian, principal technologist for the American Civil Liberties Union.

It is not only governments that are employing RAT techniques but activist and political groups are using it as a protest and spying tool against their rivals. Hackers have been discovered using a tampered-with version of a legitimate remote access tool (RAT) to target activists, industrial, research and diplomatic targets. Hungary-based security firm CrySys Lab discovered an attack on diplomatic targets in Hungary which installs legitimate software first, but then remotely alters the program to enable it spy on victims. This had been going on since 2008.
“The attackers control the victim’s computers remotely by using [a] legal remote administration tool. This application is signed with legitimate digital certificates and is used by more than 100 million users around the world. To avoid alerting the user that somebody is spying on him, the attackers dynamically patch [the program] in memory to remove all signs of its presence.” – Kaspersky Lab

High profile targets ranging from a high-profile victim in Hungary, multiple victims in Iran, the Ministry of Foreign Affairs of Uzbekistan and attacks on Belarusian pro-democracy activists last year. The malware searches for multiple document formats, disk images and file names that suggest they contain passwords or encryption keys.
The leaked Snowdon files suggest that spy teams around the world have been using these techniques since 2004. Their usage of remote administration tools (RATs) comes to light as the world’s most powerful technology firms call on Barack Obama to curb government spying on internet users.

Related Articles:
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
Hackers use legit remote IT support tool in spy attack


4 thoughts on “Spy RATter’s

  1. My vision of the future seems to get dimmer with every innovation. Nice article Pete. Keep it up and there is a cell in GITMO for ya.

  2. Informative article Pete. Never ceased to amaze me what some minds are capable of . Prevention is better than cure..


  3. Very interesting reading,must of been a lot of research done to find out all this information.Not to mention time consuming work with your jobs ,it has been a experience finding out about it.I knew about turning webcams on remotely but this was a eye opener.
    And the goverment has been useing this technoligy for years now spy on inocent peolpe just because they have a computer.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s