5 Ways to Catch a RAT (Remote Access Trojan)

A RAT is malicious malware software that runs on your computer. It gives access to a hacker when he wants to steal information from you or install other malicious software. RATs are difficult to detect, but you can take measures to ensure that you’re protected. This article describes RATs and five ways you can detect one running on your computer.

A remote access trojan (RAT) gives a malicious hacker access to your desktop. A hacker doesn’t even need to create his own RAT. These programs are available for download from dark areas of the web. As a user, you should understand how a RAT works and what you can do to detect and remove it from your computer.

How a RAT Works

Trojans have been around for two decades. The term “RAT” is new, however. Trojans are programs that run in the background and give unauthorized access to your machine. What hackers do with the access is up to the individual hacker, but they have several options once you accidentally install a RAT on your system.

RATs usually start out as executable files you download from the Internet. It could be masked as another program, or a malicious coder could add one to a seemingly harmless application. Once the RAT installs, it runs in system memory. The RAT adds itself to system startup directories and registry entries, so each time you start your computer, the RAT starts too.

The RAT subsequently after installation opens a port on your computer. Ports are virtual “connections” that listen to activity across a network. For instance, when you connect to your favorite website, the web server “listens” on port 80 for connection requests. When you open a website in your browser, your computer sends a request to the web server on port 80 and triggers events that display pages in your browser.

The same activity happens with a RAT only the hacker software lets malicious connections control your desktop.

Firewall and Antivirus Software

Firewall software blocks incoming and outgoing port connections, so they are your number one defense against RATs. Firewalls combined with antivirus software catches most threats, but you’re not 100% safe. Even with these two defenses, new malware is always created to avoid detection. Always use common sense before installing an executable from an unknown source.

View Processes Running

Right-click your Windows toolbar and select “Task Manager.” Click the “Processes” tab in Task Manager. This window gives you a list of programs running on your machine. Review them for any strange names or names that you don’t recognize as typical programs. If you don’t recognize the name, type it into Google. Several sites tell you if a process is malicious, so you know if you have a RAT on your system.

Odd Startup Programs

In some cases, the hacker might want another program to start when you boot your computer. If you notice any strange programs that start up when you boot your computer, you might have a RAT. These secondary programs are usually malicious software also, so you’ll need to remove them when you remove the RAT.

View the List of Installed Programs

Open Windows Control Panel and view the list of programs installed on your computer. If you notice any odd programs, then it could be malicious. In fact, the popular software TeamViewer used to collaborate remotely with people is often used as a RAT. If you didn’t install it on your computer, you should remove it. This application gives remote access to authorized and unauthorized people.

Slow Internet Connection

It’s hard to quantify a slow Internet connection. If you normally have fast speeds but lately your Internet connection is extremely slow, you should first check the router and wireless connection. However, if the hacker is downloading information from your computer, he uses the bandwidth and creates noticeable lag on the network. If you suspect that someone is remotely accessing your computer, the fastest way to stop it is to disconnect from the Internet.

These are five ways you can determine if you have a RAT installed. These applications are extremely malicious, so always be wary of strange programs on the Internet. Stick to installing known programs to avoid the hassle of RAT removal.

Enjoyed this post? Share it!