Software:Gh0st RAT
| Developer(s) | C.Rufus Security Team 红狼小组 (Hong Lang Xiao Zu) |
|---|---|
| Preview release | Gh0st RAT Beta 3.6
|
| Written in | C++ |
| Operating system | Microsoft Windows |
| Available in | Chinese |
| Type | Trojan |
| License | Public Domain[1] |
| Website | http://www.15897.com/ |
Gh0st RAT is a Trojan horse for the Windows platform that the operators of GhostNet used to hack into many sensitive computer networks.[2] It is a cyber spying computer program. The "RAT" part of the name refers to the software's ability to operate as a "Remote Administration Tool".
The GhostNet system disseminates malware to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.[3] According to the Infowar Monitor (IWM), "GhostNet" infection causes computers to download a Trojan known as "Gh0st RAT" that allows attackers to gain complete, real-time control.[4] Such a computer can be controlled or inspected by its hackers, and the software even has the ability to turn on the camera and audio-recording functions of an infected computer that has such capabilities, enabling monitors to see and hear what goes on in a room. A lesser known variant of Gh0st RAT is Gh0stBins, which possesses the same set of malicious tools, including keylogging and the ability to perform a system reboot.[5]
See also
- Computer surveillance
- Computer insecurity
- Cyber-security regulation
- Cyber-warfare
- Proactive Cyber Defence
- Surveillance
- Espionage
- Phishing
References
- ↑ 此软件无作者,无版权 (This software has no authors and no copyright). Gh0st RAT Beta 2.5 开源-红狼远控
- ↑ "Cyberspies' code a click away - Simple Google search quickly finds link to software for Ghost RAT program used to target governments". Toronto Star (Canada) (Toronto, Ontario, Canada). March 31, 2009. https://www.thestar.com/News/World/Article/610860. Retrieved 2009-04-04.
- ↑ Markoff, John (March 28, 2009). "Vast Spy System Loots Computers in 103 Countries". New York Times. https://www.nytimes.com/2009/03/29/technology/29spy.html. Retrieved March 29, 2009.
- ↑ Harvey, Mike (March 29, 2009). "Chinese hackers 'using ghost network to control embassy computers'". The Times (London). http://www.timesonline.co.uk/tol/news/uk/crime/article5996253.ece. Retrieved March 29, 2009.
- ↑ "Gh0stBins, Chinese RAT: Malware Analysis, Protocol Description, RDP Stream Recovery". 22 June 2023. https://any.run/cybersecurity-blog/gh0stbins-chinese-rat-malware-analysis.
- Walton, Gregory (April 2008). "Year of the Gh0st RAT". World Association of Newspapers. http://www.beijing2008conference.com/articles.php?id=101. Retrieved 2009-04-01.
External links
 |
