The DarkComet Remote Access Tool (RAT) is a hacking tool that criminals can use to control a computer from a remote location. It has been used prominently in attacks against political activists in the Middle East, particularly in Syria. Although development of DarkComet has allegedly been halted, it is still being distributed and actively used against political dissidents. One of the latest such attacks comes in the form of AntiHacker, a fake security tool. Advertised as a program to help avoid precisely these kinds of online attacks, AntiHacker is a disguised delivery tool for the DarkComet RAT. If a computer is infected with AntiHacker, the criminals behind this threat can gain complete control over it, including control over its webcam and access to its files. ESG malware analysts warn that AntiHacker is not what it seems and that computer users in sensitive situations, such as those who are politically active in the Middle East, should be especially careful when downloading and installing any software on their computers.
How AntiHacker Scams PC Users
It is well known that the Syrian government has enlisted the help of hackers in order to uncover and attack political activists. Many people in Syria and other Middle Eastern countries actively seek out software and plug-ins to help them avoid eavesdropping on their online activity. Unfortunately, these same hackers have started to take advantage of this situation by releasing fake security tools, add-ons and plug-ins that are designed to deliver malware to the victim's computer. In 2012, we saw various cases of this happening; commonly distributed on social media networks, these threats can be disguised as fake security plug-ins for Skype, instant messaging programs or security software suites.
AntiHacker is no exception. It is advertised on a Facebook page that claims to provide tools to help political activists, while doing the complete opposite. This Facebook page contains a link to a website where AntiHacker can be downloaded and installed. Once AntiHacker is installed, hackers can control applications on the infected computer, gain access to personal files and take pictures and video with the infected computer's webcam.
Taking a Look at the AntiHacker Interface
A closer look at the AntiHacker interface shows many typos and grammatical errors that betray its true nature. Because of this, ESG security researchers reiterate the importance of downloading security software only directly from recognized, reputable manufacturers. Criminals will often disguise their malware creations as security tools in order to target those who are most vulnerable.
Security Doesn't Let You Download SpyHunter or Access the Internet?
Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow these steps to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari instead.
- Use removable media. Download SpyHunter on another, clean computer, copy it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you cannot access your Windows desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable the proxy server for Internet Explorer so that you can browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.