Breaking News

Home / Security / RATicate malware gang goes commercial – Naked Security

RATicate malware gang goes commercial – Naked Security

Two months ago, we wrote about a malware gang that we dubbed RATicate.

These criminals have been actively disseminating a range of remote access Trojans – thus the letters RAT in their nickname – aimed at giving them almost complete control over infected computers, all from a distance.

As we explained earlier in the year, the jargon term RAT is very commonly associated with malware that gives criminals remote access to your webcam, usually for sleazy, voyeuristic purposes.

Indeed, the name RAT was originally coined as a metaphor that referred as much to the criminals that deployed the malware as to the malware itself.

But few RATs were ever just about surreptitious access to webcams and screenshots.

Remote access tools of this sort are more generally known as bots, short for software robots, or zombies, because they lie in wait for commands to arise and wreak havoc.

And almost every zombie out there supports, in addition to any built-in features such as file stealing, screen capturing and webcam snooping, a generic command by which it can update and replace itself with completely new malware, or download and install new malware to run alongside itself.

As we wrote back in May 2020:

The RAT variants delivered by this group of crooks included the zombie malware families Betabot, Lokibot, Formbook, AgentTesla, Netwire, Bladibindi and more.