The Cobian malware is a RAT (Remote Access Trojan) that was first spotted back in 2017. Since its first iteration, the Cobian RAT has been updated several times, which has resulted in some significant improvements. The Cobian Trojan is offered as a malware-as-a-commodity on underground hacking forums. What makes this threat particularly dangerous is that anyone who is willing to pay the price can obtain the Cobian RAT and distribute it, which is likely to greatly increase the infection rate of this threat.
However, the authors of the Cobian RAT do not only seek to scam their victims but their customers too. The individuals who pay for the Cobian RAT will not receive a genuine version of the hacking tool. Instead, the Cobian RAT, which is offered as a commodity, has a built-in backdoor. This backdoor serves to enable the authors of the hacking tool to control every system that has been infected by the Cobian RAT. This clever trick allows the cybercriminals who built the utility to potentially hijack the victims of their clients. This technique is not innovative in any way – countless other cyber crooks have been applying this strategy throughout the years.
Once it has infiltrated a host, the Cobian RAT would gain persistence via a fake Microsoft Windows Service. As a backup plan, the Cobian threat would also tamper with the Windows Registry. This would ensure that the Cobian Trojan runs every time the victim restarts their computer. After successfully gaining persistence on the host, the Cobian RAT is able to:
- Use the device's microphone to record audio.
- Use the device's camera to record video.
- Establish a remote desktop connection.
- Browse files.
- Modify files.
- Run remote commands.
- Collect passwords by initializing a special module.
- Launch DDoS (Distributed-Denial-of-Service) attacks by utilizing the active bots.
- Launch a keylogger that would collect the keystrokes of the victim.
It is clear to see that the Cobian RAT is a very dangerous threat, which can cause a lot of damage. To protect your computer from pests like the Cobian RAT, you should consider investing in a genuine anti-malware utility.