Gh0st RAT: Difference between revisions
Content deleted Content added
mNo edit summary |
m RAT is an acronym, so I changed instances of Rat to RAT |
||
| Line 14: | Line 14: | ||
}} |
}} |
||
'''Gh0st RAT''' is a [[Trojan horse (computing)|Trojan horse]] for the Windows platform that the operators of [[GhostNet]] used to [[Hacker (computer security)|hack]] into many sensitive computer networks.<ref>{{Cite news|url=https://www.thestar.com/News/World/Article/610860|title=Cyberspies' code a click away - Simple Google search quickly finds link to software for Ghost |
'''Gh0st RAT''' is a [[Trojan horse (computing)|Trojan horse]] for the Windows platform that the operators of [[GhostNet]] used to [[Hacker (computer security)|hack]] into many sensitive computer networks.<ref>{{Cite news|url=https://www.thestar.com/News/World/Article/610860|title=Cyberspies' code a click away - Simple Google search quickly finds link to software for Ghost RAT program used to target governments|periodical=Toronto Star (Canada)|date=March 31, 2009|accessdate=2009-04-04|location=Toronto, Ontario, Canada}}</ref> It is a [[cyber spying]] computer program. The "RAT" part of the name refers to the software's ability to operate as a "Remote Administration Tool". |
||
The GhostNet system disseminates [[malware]] to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.<ref>{{cite news| title=Vast Spy System Loots Computers in 103 Countries | url=https://www.nytimes.com/2009/03/29/technology/29spy.html | work = [[New York Times]] | date=March 28, 2009 | accessdate=March 29, 2009 | first=John | last=Markoff}}</ref> According to the [[Infowar Monitor]] (IWM), "GhostNet" infection causes computers to download a [[Trojan horse (computing)|Trojan]] known as "Gh0st RAT" that allows attackers to gain complete, real-time control.<ref>{{cite news| title=Chinese hackers 'using ghost network to control embassy computers' | url=http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece | work=[[The Times]] | date=March 29, 2009 | accessdate=March 29, 2009 | location=London | first=Mike | last=Harvey}}</ref> Such a computer can be controlled or inspected by its hackers, and the software even has the ability to turn on the camera and audio-recording functions of an infected computer that has such capabilities, enabling monitors to see and hear what goes on in a room. A lesser known variant of Gh0st RAT is Gh0stBins, which possesses the same set of malicious tools, including keylogging and the ability to perform a system reboot.<ref>{{cite web|title= Gh0stBins, Chinese RAT: Malware Analysis, Protocol Description, RDP Stream Recovery|url=https://any.run/cybersecurity-blog/gh0stbins-chinese-rat-malware-analysis}}</ref> |
The GhostNet system disseminates [[malware]] to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.<ref>{{cite news| title=Vast Spy System Loots Computers in 103 Countries | url=https://www.nytimes.com/2009/03/29/technology/29spy.html | work = [[New York Times]] | date=March 28, 2009 | accessdate=March 29, 2009 | first=John | last=Markoff}}</ref> According to the [[Infowar Monitor]] (IWM), "GhostNet" infection causes computers to download a [[Trojan horse (computing)|Trojan]] known as "Gh0st RAT" that allows attackers to gain complete, real-time control.<ref>{{cite news| title=Chinese hackers 'using ghost network to control embassy computers' | url=http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece | work=[[The Times]] | date=March 29, 2009 | accessdate=March 29, 2009 | location=London | first=Mike | last=Harvey}}</ref> Such a computer can be controlled or inspected by its hackers, and the software even has the ability to turn on the camera and audio-recording functions of an infected computer that has such capabilities, enabling monitors to see and hear what goes on in a room. A lesser known variant of Gh0st RAT is Gh0stBins, which possesses the same set of malicious tools, including keylogging and the ability to perform a system reboot.<ref>{{cite web|title= Gh0stBins, Chinese RAT: Malware Analysis, Protocol Description, RDP Stream Recovery|url=https://any.run/cybersecurity-blog/gh0stbins-chinese-rat-malware-analysis}}</ref> |
||
Revision as of 13:22, 10 November 2023
| Developer(s) | C.Rufus Security Team 红狼小组 (Hong Lang Xiao Zu) |
|---|---|
| Preview release | Gh0st RAT Beta 3.6
|
| Written in | C++ |
| Operating system | Microsoft Windows |
| Available in | Chinese |
| Type | Trojan |
| License | Public Domain[1] |
| Website | http://www.15897.com/ |
Gh0st RAT is a Trojan horse for the Windows platform that the operators of GhostNet used to hack into many sensitive computer networks.[2] It is a cyber spying computer program. The "RAT" part of the name refers to the software's ability to operate as a "Remote Administration Tool".
The GhostNet system disseminates malware to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.[3] According to the Infowar Monitor (IWM), "GhostNet" infection causes computers to download a Trojan known as "Gh0st RAT" that allows attackers to gain complete, real-time control.[4] Such a computer can be controlled or inspected by its hackers, and the software even has the ability to turn on the camera and audio-recording functions of an infected computer that has such capabilities, enabling monitors to see and hear what goes on in a room. A lesser known variant of Gh0st RAT is Gh0stBins, which possesses the same set of malicious tools, including keylogging and the ability to perform a system reboot.[5]
See also
- Computer surveillance
- Computer insecurity
- Cyber-security regulation
- Cyber-warfare
- Proactive Cyber Defence
- Surveillance
- Espionage
- Phishing
References
- ^ 此软件无作者,无版权 (This software has no authors and no copyright). Gh0st RAT Beta 2.5 开源-红狼远控
- ^ "Cyberspies' code a click away - Simple Google search quickly finds link to software for Ghost RAT program used to target governments". Toronto Star (Canada). Toronto, Ontario, Canada. March 31, 2009. Retrieved 2009-04-04.
- ^ Markoff, John (March 28, 2009). "Vast Spy System Loots Computers in 103 Countries". New York Times. Retrieved March 29, 2009.
- ^ Harvey, Mike (March 29, 2009). "Chinese hackers 'using ghost network to control embassy computers'". The Times. London. Retrieved March 29, 2009.
- ^ "Gh0stBins, Chinese RAT: Malware Analysis, Protocol Description, RDP Stream Recovery".
- Walton, Gregory (April 2008). "Year of the Gh0st RAT". World Association of Newspapers. Archived from the original on 2009-08-11. Retrieved 2009-04-01.