Introduction:
A RAT (Remote Access Trojan) is a type of trojan malware that gives an attacker full administrative access to your system. It installs itself automatically and opens a backdoor connection between the victim's system and the attacker's. It can be attached to a PDF or an email; once it is downloaded, it installs itself on the victim's PC.
Hacker's Penetration Technique:
Once a RAT is installed on the victim's system, the hacker gets full administrative access to it. He can access sensitive data and information such as passwords, images, videos, etc. He can also access your mail and other sensitive data.
Once the hacker gets access to the email, he can also access the credit card. He can misuse your credit card anytime and anywhere without you even knowing.
Suppose a hacker has gained access to someone's credit card and wants to use it to make a purchase on ABC.com. He will add ABC.com to the spam word list in the compromised person's email account, so whenever ABC.com sends a mail about the purchase, the person won't be notified. In this way your credit card can be abused.
The hacker can also encrypt your sensitive or personal data and demand money from you. This is called a RANSOMWARE ATTACK, in which your data is encrypted by an unauthorized party and money is demanded for returning access to your system.
Prevention:
DEPLOYING ENDPOINT SECURITY is important in protecting your system from viruses. These tools protect and monitor your device. They watch for unusual behavior, such as a calculator connecting to a remote server, and terminate that process. They also provide a scanning feature that scans the network and the files being downloaded to the system. They can detect and terminate a virus very quickly.
PRINCIPLE OF LEAST PRIVILEGE is also a way to limit the hacker if he has got into your system. This term means 'never log in as an administrator for daily tasks'. Using this technique we can limit what the hacker can do.
DISABLE UNUSED PORTS. We need to disable the ports we are not using, such as port 3389, on which RDP runs, and the VNC and telnet ports as well. If we do want to use these ports, we should use a VPN.
FREQUENTLY INSPECT MAIL. We need to frequently check the mails in the spam folder for any suspicious mail that carries purchase details. Checking the logged-in device status is also a very good practice: it shows on which devices our mail is logged in, and if a new or unknown device is found we can remove it.
USE MULTI-FACTOR AUTHENTICATION (MFA). Using MFA is an essential part of securing your device from unauthorized access. Even if the hacker gets your password, it is very hard to bypass your MFA.
USING DIFFERENT AND STRONG PASSWORDS. Use a different password for every service, and always use strong passwords that contain a combination of alphanumeric and special characters. Such passwords are hard to crack even with a brute-force attack.
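To check the "disable unused ports" item above, the following added example (not part of the original article) parses `netstat -ano`-style output and reports RDP, VNC and telnet listeners that are reachable outside loopback or a VPN subnet. The sample output, the VPN subnet 10.8.0.0/24 and the function names are constructed for illustration; 5900 and 23 are the default VNC and telnet ports, which the article does not state.

```python
import ipaddress

# Port 3389 (RDP) is named in the article; 5900 (VNC) and 23 (telnet)
# are those services' default ports, added here as an assumption.
REMOTE_ACCESS_PORTS = {3389: "RDP", 5900: "VNC", 23: "telnet"}

# Constructed sample in the layout of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1120
  TCP    10.8.0.2:23            0.0.0.0:0              LISTENING       3312
  TCP    127.0.0.1:5900         0.0.0.0:0              LISTENING       2208
  TCP    192.168.1.20:5900      0.0.0.0:0              LISTENING       2208
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     4100
  TCP    [::]:3389              [::]:0                 LISTENING       1120
"""


def split_endpoint(endpoint):
    """Split '1.2.3.4:80' or '[::]:80' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
    return ipaddress.ip_address(host), int(port)


def audit_listeners(netstat_text, vpn_networks=()):
    """List remote-access listeners reachable outside loopback and the VPN."""
    vpn_nets = [ipaddress.ip_network(n) for n in vpn_networks]
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Only TCP rows in LISTENING state: proto, local, foreign, state, pid
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, port = split_endpoint(fields[1])
        service = REMOTE_ACCESS_PORTS.get(port)
        if service is None or addr.is_loopback:
            continue  # not a remote-access port, or local-only
        if any(addr in net for net in vpn_nets):
            continue  # bound to the VPN interface, as the article advises
        scope = "all interfaces" if addr.is_unspecified else str(addr)
        findings.append((service, port, scope, int(fields[4])))
    return findings


if __name__ == "__main__":
    for service, port, scope, pid in audit_listeners(SAMPLE_NETSTAT, ["10.8.0.0/24"]):
        print(f"{service} listening on port {port} ({scope}), PID {pid}")
```

Each finding carries the owning PID, so the listener can be traced to its service and disabled or rebound to the VPN interface.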