RATs, rootkits, and ransomware (oh my!)

Emma McGowan 27 Sep 2023

Perturbing highlights from the latest Avast Threat Report indicate scammers aren’t just stealing from your computer—they’re working to take it over entirely.

In a vast world of online threats, certain terms can stand out for their mysterious nature and vague implications. They sound technical and jargony, and are often dismissed as too hard for us to get into. Today we’re offering a guide, a sort of compass, to help simplify a few of those terms and enable you to navigate around some of the latest dangers from the Avast Threat Report.

Scammers are upgrading their toolkits, and their aim is to take remote control of your computer. With these tools, they can quietly steal information in the background, take over your computer right in front of your eyes, or even lock you out of your data and hold it for ransom.

These forms of malware, called RATs (Remote Access Trojans), rootkits, and ransomware, are actually easy to understand and defend against. It just takes a little awareness. 

RATs are a malware infestation that takes over your computer

If a Remote Access Trojan (RAT) sounds hard to understand, trust that it’s not. Break it down to the words. Remote: meaning the bad person or group is working remotely, not personally or physically on your device or computer. Access: they’re opening the doors to your data and your software. Trojan: they’re likely sneaking into your device by hiding inside something you trusted (or thought was a gift, we suppose).  

When a RAT finds its way onto your device, it enables a cybercriminal to go to work on your computer or device the same way you do. Often, you can see them do it on your screen. The hackers can see everything you can, search through and copy files, take browsing and personal information, and even run programs that let them access your webcam or your location data.

The latest threat report from Avast indicates an increase in the proliferation of RATs in Europe, Canada, South Africa, and other countries. Like infestations of old, many RATs are being delivered by pirate ships, or rather pirated software (and movies). It’s never a bad idea to be a little skeptical of what you’re letting aboard your device.

How to defend yourself from RATs: 

  • Avoid downloading files from unverified or questionable sources 
  • Use security software that can identify and nullify these kinds of threats 
  • Keep all your software, especially security software, updated 

Rootkits are invisible guests that quietly steal from your house

To understand rootkits, think of your computer as a large and luxurious mansion. Inside this mansion, you have countless rooms filled with valuables. Now, there's an almost invisible shadow that moves around, accessing rooms, but it's so discreet that the mansion's security guards (your stock antivirus) often can't spot it.

In essence, rootkits are malware that can take control and rewrite the underlying rules that run your computer. In common practice, this form of malware changes systems so that other viruses and malware are allowed to run freely and undetected—which is exactly what they want.

The objective of a rootkit is frequently to remain hidden, allowing it to carry out its tasks and steal data and access over an extended period of time.  

How to keep rootkits out of your mansion: 

  • Use antivirus that includes rootkit detection 
  • Be wary of granting software administrative privileges when you’re unsure of the source 
  • Keep all your software, especially security software, updated 

Ransomware is the hackers' digital data kidnapper

We’ve covered ransomware extensively, but to continue our house metaphor, envision coming home after a long day and discovering that your keys no longer unlock the front door…or any door. It might be frustrating because everything in your house is there right in front of you, but you just can’t get in. Then, you find a note in the mailbox: “Pay, and we’ll give you the key.” 

When ransomware finds its way onto your system, it “locks” your files and makes them inaccessible. The culprits then demand a ransom (often in cryptocurrency due to its anonymity) to provide the decryption key.  

In the latest Avast Threat Report, experts noticed that ransomware is evolving and being used in more and more specific attacks.

How to safeguard against ransomware: 

  • Regularly back up your files. If you have copies stored safely, you can restore them without paying a ransom
  • Avoid clicking on suspicious email links or downloading dubious attachments 
  • Keep all your software, especially security software, updated (did you catch the trend?) 

Knowledge is your first line of defense 

The names for these forms of malware might seem intimidating, but they’re easy to understand with a little practice. More important than knowing their names is developing good online habits, keeping your system updated, and using healthy common sense when you connect any device to the internet. 

Stay curious, stay updated, and most importantly, stay safe in this ever-evolving digital world. 

To find out more about these and other threats, read the full Avast Q2/2023 Threat Report.