The authors of the VanillaRAT have not released a ready-to-use threatening tool. Instead, they have opted to publish full source code that anyone can compile and use. They might have opted for this strategy with two things in mind:
- It would discourage unexperienced cybercrooks completely from trying their luck with this tool.
- It would allow experienced cybercrooks to analyze the code and see that there are not any unexpected backdoors that could harm their system.
The project is written in C#, and the GitHub page where it is hosted contains extensive instructions on how to compile, configure and use the VanillaRAT.
The VanillaRAT is a rather sneaky threat, it is capable of infiltrating a system and remaining under the radar of the victim by not inconveniencing the user in any obvious manner. The VanillaRAT also has a number of capabilities. It can collect keystrokes and get access to the microphone of the infiltrated machine. It also is capable of loading Web pages, viewing and modifying the Windows Clipboard, managing Windows processes, sending TTS (text-to-speech) messages, and initiating a chat window with the victim. The VanillaRAT can also modify, upload, download, and browse files on the corrupted computer. This threat also can remotely control the victim's computer.
Malware researchers have not come to a consensus when it comes to what propagation methods have been employed in spreading the VanillaRAT. However, it is quite clear that the creator of the VanillaRAT is planning on adding more features to this threat. The author states that a password-collecting capability is likely to be added to the VanillaRAT in the future.
It is crucial to obtain a reputable anti-spyware application, which will keep you safe from threats like the VanillaRAT, which will only grow more threatening with time.