Posts Tagged

Viruses

FatalRAT – A Trojan Horse

Elizabeth Technology July 20, 2023

How many kinds of Trojan-type viruses are there?

What is a Trojan?

A Trojan virus is essentially a virus that sneaks in pretending to be something else, hence the name! Links that lead to auto-download pages on shady websites that promised something else, .EXEs disguised as .PDFs, .XLSXs that betray the trust of the user, the list goes on.

Once in the computer, what they do is what determines what kind of Trojan they are.

The only real way to avoid these things is to be cautious with what you download and click – Trojans are very versatile by nature. The one that hit the news, FatalRAT, tricked users with a fake ad that led to a fake Google webpage. Illegal download sites are famous for having multiple fake download buttons surrounding the real one, all of which might just download malware instead of the pirated movie or show the end user was hoping for. The website doesn’t even have to be shady – bad actors using websites like Facebook or Twitter can post links leading to places that download these things without warning! Email attachments are another easy way to contract a Trojan virus as well.

RAT: Remote Access Trojans

Remote Access Trojans grant remote access to the Trojan’s creator once downloaded and established. Once there, the RAT can be used to control the computer. Once the virus is on there, the creator can send commands to it as if they were in front of the computer themselves, whether that’s for data extraction, or to attack other computers on the network.

Backdoor Trojans

Backdoor Trojans, once downloaded, start sending data back to their source from the infected computer. Where a RAT’s priority may be to take over the device and keep the computer’s owner from taking back control, a backdoor Trojan often tries to lie low, avoid detection, and gather as much data as possible to send back to its creator. Some install keyloggers and other malicious spyware, while others just copy and send files found on the device.

Rootkit Trojans and Exploitable Backdoor Bugs

Rootkit Trojans can get onto the device via any method, but are unique because they hide in the rootkit folder, which is responsible for handling the device’s startup and shutdown procedures. Since they start up at the same time as the device, built-in antivirus may miss it indefinitely.

Similarly, some Trojans don’t rely on the user making a mistake and clicking something iffy, but the company making some of the user’s software leaving in a backdoor they can use to tunnel into the end user’s computer, achieving the same effect.

After Install: Ransomware and Blackmail

Trojans are not exclusively for stealing data, although many of them do go after tax documents and other such financial files on a computer. Some Trojans sneak onto computers specifically so that computer can become part of a botnet without the owner noticing, taking its computing power and contributing it to malicious DDoSing projects. Some Trojans sneak in, demand an “update” once the computer is hooked up to the internet, and then use that “update” to sneak in ransomware or things like keyloggers, which are then used to blackmail the user out of money, or sometimes information.

The end result is always bad for the end user, so be very careful when downloading third-party programs from websites with no reputation online!

Is It True That Macs Don’t Get Viruses?

Elizabeth Technology December 22, 2021

Absolutely not. Here’s why!

Apple devices are slightly harder to weasel into from outside, but that doesn’t mean that it’s impossible. A virus has to be crafted differently to even function on an Apple computer. For the same reason that Apple needs its own version of browsers and games, it needs its own version of viruses, and with Microsoft being the default for most ‘sensitive’ systems, like pharmacies, school networks, and hospitals, hackers and other malicious individuals just don’t seem to care that much about Mac devices.

But not caring that much is not the same as not caring at all.

Apple’s known virus count is slowly creeping up, although viruses that use weaknesses in the system to get in are quickly made obsolete by updates. Apple viruses are a special kind of pain to deal with because the person who made them surely made them out of spite – as said previously, Mac’s system is not compatible with Microsoft’s, so viruses are custom tailored.

Their recommendation is to completely avoid third party apps – for good reason. The primary way that malware ends up in the computer’s system is via scam downloads. Those can look like a couple different things. Everybody (or almost everybody) knows not to click those flashing banners at the top of blog sites that advertise “FREE iPAD! CLICK NOW!” because it used to be the most common way to steal information from non-tech-savvy people.

“Free Flash Player!” “Free Game! Connect With Friends! Download Now!” are it’s equally outdated cousins. Anything that tells a Mac user that they need to download it has the potential to be a virus, and if the user is unlucky enough to get a virus prepared for a Mac, they’re in for a headache. But it’s tough to trick people with those flashing banners anymore, right? So…

The next easiest way is to fake an email from an app publisher, or even from Apple itself! This still won’t get a lot of people, but the people who fell for the flashing banners the first go-round might fall for an email that looks juuuuust official enough to make them doubt themselves.

One version of this scam involves sending an email with a downloadable attachment to ‘fix’ a ‘virus’ that ‘Apple’ has detected on the device. That’s not Apple, and there’s no virus until the recipient downloads the attachment. That was the goal! And now the virus is on the computer. Oh no!

Alternatively, if you’ve downloaded some game or another that you trusted, even though it was third party, and then received an email about a big patch that needs to be downloaded, you might fall for it! Depending on the game, they could have your email to send patches to, right? Official platforms like Steam certainly have their user’s email.

And that’s not even the game download itself! Downloading a game off of third party websites can lead to some nasty results, which is why Apple goes out of it’s way to warn you every step of the download, and also warn you off of third party downloads in every help forum. The risk that what you downloaded could be malware is just not worth the inconvenience of waiting for that game to come out on an Apple-licensed platform.

Long story short: it’s very possible, albeit difficult, to get viruses on a Mac computer. Don’t download attachments from strangers!

Source: Apple.com resources