What is a RAT?
A Remote Access Trojan, aka RAT, is malicious software that provides the attacker unlimited access to the victims’ endpoints.
What are the main objectives?
This trojan typically aims to steal sensitive information about the user or the services it accesses. Often the RATs are manually checked by the attacker to perform operations on the victim’s endpoints. Some RATs target specific operating systems, and as we have recently witnessed, Android is one of these targets.
How to manage it?
To protect online services from RAT attacks that target end-users, it is necessary to define an endpoint defense strategy by monitoring user behavior.
- Use strong authentication based on dual channel. Avoid allowing the end-point control to give full access to critical features. For example, you can use a digital signature of transactions via mobile software token.
- Detect behavioral anomalies in the interaction with the service that may lead to suspect that these are not operations requested by the legitimate user.
- Detect and block the threat. You need to identify a RAT presence in the user’s device before exposing sensitive information or functionalities.
DON’T WORRY…ASK US FOR HELP!
XTN Cognitive Security Platform® allow you to protect your services from RAT attacks.