RATs And A Fun Manager in Botnets

I get quite a few people coming up to me and say, “I went to Shodan the other day for our systems, and I was shocked!”. One of the scariest things for most people is that someone could remote access their computer and see their desktop, and even control their hardware. This is scary world of RATs (Remote Administration Tools), where the good side of remote administration, is turned to an evil side.

Very few things can hide from Shodan, and a quick search for botnets shows that the Darkcomet botnet comes top with Turkey, USA and Russia hosting a good deal of the infrastructure:

DarkComet builds the other botnets such as ZeroAccess and njRAT — where RAT is Remote Administration Tool.

DarkComet was developed by Jean-Pierre Lesueur and created in 2008. One of its main features is a Graphical User Interface (GUI), which allows the user to access systems remotely (such as for key-logging, password cracking and screen capture). It even includes a “Fun Manager” where the intruder can “play” with the target: