Trojan discount with Windows 8 support
While some anti-virus vendors have problems with Microsoft’s newest operating system, the cybercrime community has already jumped on the Windows 8 train. For example, on a Google-hosted site, a “Remote Administration Tool” called Xtreme RAT that is already Windows 8 compatible is available for €40, with free updates included.
The list of built-in functions makes it clear that the developers are not offering a tool that merely provides simple administration of remote computers. Among other functions, the tool includes a keylogger that can store the keystrokes it captures on any FTP server, and it can extract passwords from all major browsers.
Xtreme RAT can also transmit the screen content to the “admin” and tap webcams and microphones. The developer advertises that his tool can bypass Data Execution Prevention (DEP) and that the latest version works with so-called crypters, special programs that modify executable files to prevent detection by antivirus software. It is hard to imagine that anyone looks for these functions in a legitimate remote administration tool.
Anti-virus programs are also of the opinion that Xtreme RAT is not entirely kosher. In a virtual machine test run by The H's associates at heise Security, the Xtreme RAT server program was immediately quarantined by Windows Defender. At VirusTotal it was detected by 38 of the 43 virus scanners, but the developer is already prepared: for €100 he is offering a “Fully Undetectable” (FUD) version that is supposedly not detected by virus scanners. Free updates are again included. For €350 you can even buy the source code.
A report by Trend Micro shows that users whose computers were “remotely administrated” with a RAT tool might not always entirely agree with it. According to the report, Xtreme RAT was recently used for a cyber attack against the Israeli military that forced all military computers temporarily offline.