Posted on July 20, 2023 in Technology

FatalRAT – A Trojan Horse

How many kinds of Trojan-type viruses are there?

What is a Trojan?

A Trojan virus is essentially a virus that sneaks in pretending to be something else, hence the name! Links that lead to auto-download pages on shady websites that promised something else, .EXEs disguised as .PDFs, .XLSXs that betray the trust of the user, the list goes on.

Once in the computer, what they do is what determines what kind of Trojan they are.

The only real way to avoid these things is to be cautious with what you download and click – Trojans are very versatile by nature. The one that hit the news, FatalRAT, tricked users with a fake ad that led to a fake Google webpage. Illegal download sites are famous for having multiple fake download buttons surrounding the real one, all of which might just download malware instead of the pirated movie or show the end user was hoping for. The website doesn’t even have to be shady – bad actors using websites like Facebook or Twitter can post links leading to places that download these things without warning! Email attachments are another easy way to contract a Trojan virus as well.

RAT: Remote Access Trojans

Remote Access Trojans grant remote access to the Trojan’s creator once downloaded and established. Once there, the RAT can be used to control the computer. Once the virus is on there, the creator can send commands to it as if they were in front of the computer themselves, whether that’s for data extraction, or to attack other computers on the network.

Backdoor Trojans

Backdoor Trojans, once downloaded, start sending data back to their source from the infected computer. Where a RAT’s priority may be to take over the device and keep the computer’s owner from taking back control, a backdoor Trojan often tries to lie low, avoid detection, and gather as much data as possible to send back to its creator. Some install keyloggers and other malicious spyware, while others just copy and send files found on the device.

Rootkit Trojans and Exploitable Backdoor Bugs

Rootkit Trojans can get onto the device via any method, but are unique because they hide in the rootkit folder, which is responsible for handling the device’s startup and shutdown procedures. Since they start up at the same time as the device, built-in antivirus may miss it indefinitely.

Similarly, some Trojans don’t rely on the user making a mistake and clicking something iffy, but the company making some of the user’s software leaving in a backdoor they can use to tunnel into the end user’s computer, achieving the same effect.

After Install: Ransomware and Blackmail

Trojans are not exclusively for stealing data, although many of them do go after tax documents and other such financial files on a computer. Some Trojans sneak onto computers specifically so that computer can become part of a botnet without the owner noticing, taking its computing power and contributing it to malicious DDoSing projects. Some Trojans sneak in, demand an “update” once the computer is hooked up to the internet, and then use that “update” to sneak in ransomware or things like keyloggers, which are then used to blackmail the user out of money, or sometimes information.

The end result is always bad for the end user, so be very careful when downloading third-party programs from websites with no reputation online!