The WebMonitor RAT software is a product by a company called Revcode that is based in Stockholm, Sweden. The company develops WebMonitor RAT as a Remote Access Tool from 2018 and promotes it to business managers primarily. The WebMonitor RAT is advertised with three key features, namely — supports Windows versions from XP and above; no need for port-forwarding; control bot-PCs from a PC, a mobile phone and a tablet. Also, the remote administration suite can be launched from a Web browser. Leading cybersecurity vendors have criticized Revcode for deploying WebMonitor RAT in a manner that allows threat actors to exploit their product and plant it on targeted devices. The WebMonitor RAT is perceived as an advanced administration tool that may enable threat actors to run crypto-jacking campaigns, hide Web traffic and execute DDoS attacks.
The WebMonitor RAT supports the following features:
- Log keyboard input, disable host keyboard and relay keyboard commands.
- Stream Webcam feed, record Webcam video, silently launch Web cam and take snapshots.
- Take desktop screenshots and stream the remote desktop.
- Pull Registry backups from a remote computer.
- Execute Shell scripts remotely.
- Record software & hardware configuration.
- Record login activity, Web browser activity and general device activity.
- Record audio and video feed without alerting the users.
The WebMonitor RAT supports a range of system operations that may be exploited with nefarious purposes. The software can perform remote system reset and enable an attacker to delete data on remote computers. There is a panel that logs recently opened files and loads a list of currently running process on the remote host. The WebMonitor RAT suite records disk activity, connected hardware and even allows potential attackers to change the firmware on remote systems. The WebMonitor RAT can be deployed to devices powered by Windows and Android. Customers of Revcode have access to an online builder that you can preview at https://trial.revcode.se. We suspect there may be threat actors already exploiting the WebMonitor RAT in the wild. You might wish to avoid pirated software and cracked games that can act as Trojan horses and install a copy of the WebMonitor RAT on your device turning it into a bot-PC. PC users are counseled to perform security scans regularly and ignore spam emails with attached documents.