
Trojans - Philippine Army Website


Army Vision: By 2028, a world-class Army that is a source of national pride.

HEADQUARTERS PHILIPPINE ARMY

OFFICE OF THE ASSISTANT CHIEF OF STAFF FOR COMMAND AND CONTROL COMMUNICATIONS, AND CYBER SYSTEMS, G6

Fort Andres Bonifacio, Metro Manila

6/eMB 24 February 2017

CYBERSECURITY BULLETIN

Cybersecurity Bulletin: #17-08

WHAT IS A REMOTE ACCESS TROJAN

[Figure: "Trojans". Diagram of Jason (attacker) and Rebecca (victim). The Trojan works like remote desktop access, giving the hacker complete access to the remote system: (1) the attacker infects Rebecca's computer and plants a reverse-connecting Trojan; (2) the Trojan establishes a reverse connection to the attacker; (3) Jason, the attacker, has complete control over Rebecca's machine.]

A remote access Trojan (RAT) is a malware program that includes a back door for administrative control over the target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the host system is compromised, the intruder may use it to distribute RATs to other vulnerable computers and establish a botnet. When you "clean" your computer, you don't just dust off the keyboard and wipe fingerprints from the screen. You also pay attention to the state of the hard drive, updating software and removing old programs.

Because a RAT enables administrative control, it makes it possible for the intruder to do just about anything on the targeted computer, including:

• Monitoring user behavior through keyloggers or other spyware


• Accessing confidential information, such as credit card and social security numbers

• Activating a system's webcam and recording video

• Taking screenshots

• Distributing viruses and other malware

• Formatting drives

• Deleting, downloading or altering files and file systems

The Back Orifice rootkit is one of the best known examples of a RAT. A hacker group known as the Cult of the Dead Cow created Back Orifice to expose the security deficiencies of Microsoft's Windows operating systems.

RATs can be difficult to detect because they usually don't show up in lists of running programs or tasks. The actions they perform can be similar to those of legitimate programs. Furthermore, an intruder will often manage the level of resource use so that a drop in performance doesn't alert the user that something's amiss.

To protect your system from RATs, follow the same procedures you use to prevent other malware infections: Keep antivirus software up to date and refrain from downloading programs or opening attachments that aren't from a trusted source. At the administrative level, it's always a good idea to block unused ports, turn off unused services and monitor outgoing traffic.
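One way to act on the advice to monitor outgoing traffic, as an added example that is not part of the original bulletin: it groups outbound connections by process and destination and flags pairs contacted at near-constant intervals, a pattern that stays visible even when a program hides from task lists and keeps resource use low. The log format, process names, addresses and thresholds are assumptions made for illustration.

```python
import statistics
from collections import defaultdict

# Constructed outbound-connection log: "epoch_seconds process ip:port".
# Process names and addresses are invented sample values, not from the bulletin.
SAMPLE_LOG = """\
5 helper.exe 198.51.100.7:80
12 browser.exe 203.0.113.10:443
19 browser.exe 203.0.113.10:443
21 browser.exe 203.0.113.10:443
65 helper.exe 198.51.100.7:80
126 helper.exe 198.51.100.7:80
142 browser.exe 203.0.113.10:443
143 browser.exe 203.0.113.10:443
185 helper.exe 198.51.100.7:80
245 helper.exe 198.51.100.7:80
306 helper.exe 198.51.100.7:80
412 browser.exe 203.0.113.10:443
500 mail.exe 192.0.2.25:587
"""

def parse_log(text):
    """Yield (timestamp, process, destination) from 'ts process ip:port' lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip blank or malformed lines
        yield int(parts[0]), parts[1], parts[2]

def find_beacons(text, min_events=5, max_jitter=0.1):
    """Flag process/destination pairs contacted at near-constant intervals."""
    seen = defaultdict(list)
    for ts, proc, dest in parse_log(text):
        seen[(proc, dest)].append(ts)
    findings = []
    for (proc, dest), times in seen.items():
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean == 0:
            continue
        # Coefficient of variation: low means evenly spaced, machine-like check-ins
        jitter = statistics.pstdev(gaps) / mean
        if jitter <= max_jitter:
            findings.append({"process": proc, "dest": dest,
                             "mean_interval": round(mean, 1), "jitter": round(jitter, 3)})
    return findings
```

Legitimate software such as update checkers also connects on a fixed schedule, so each hit is a lead to check against the list of programs expected on that machine.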

Reference

This was cross posted from http://searchsecurity.techtarget.com/definition/RAT-remote-access-Trojan

DO YOU WANT TO KNOW MORE? TALK TO US.

POC: MAJ GIL P TARIO II (SC) PA - Acting Chief, Cyberspace Management Branch, OG6, PA at Landline Telephone Nr: 02-845-9555 Local 6630 and Mobile Telephone Nr: 0917-798-2005. Email: tariogp@army.mil.ph

Cybersecurity Bulletin #17-08. Army Core Purpose: Serving the people. Securing the land.
