T-RAT Malware

T-RAT is a Remote Administration Trojan (RAT) that cybercriminals use to perform various actions on targeted computers remotely without the users' knowledge and permission. Due to the many features that this RAT has, it can be exploited to generate revenues in many different ways. Research shows that T-RAT is sold on underground forums for a price of 3500 Rubles currently.

Among T-RAT’s special functions is the logging of keystrokes, which allows the malware operators to collect data like login credentials for online accounts, credit card details and many others. T-RAT also can act as a “clipper” – it captures cryptocurrency wallet addresses saved on the clipboard of an infected system and replaces them with wallet addresses controlled by the attackers. It means T-RAT can redirect cryptocurrency transfers effectively

Furthermore, T-RAT can execute commands via the Command Prompt and PowerShell. This feature allows the cyber crooks to turn on a computer’s camera or microphone remotely, record video or audio files, and then blackmail the user by threatening to use recorded material in improper ways. RATs also are commonly used to download and install other malware like Trojans and ransomware.

T-RAT is being distributed through many different channels. Corrupted e-mail attachments, fake software updates, “cracked” tools from torrent websites, and unsafe advertisements are the most common options. Malware researchers recommend the use of an automated malware removal tool to get rid of this threat.