Computer RAT (Remote Access Trojan): is a virus once installed on a system allows a hacker to run malicious code, key log your system and use network to DDOS.
Bot Net: is generally a term used to define a group of RAT-ed computers receiving commands from same server.
HTTP (Hyper-Text Transfer Protocol): is the protocol websites use to transmit information over the internet hence the “http://” at the beginning of website URLs.
How a HTTP RAT Works
There are to parts process of a computer RAT, the first being infecting computers and the next being sending commands to the RAT. The first step pretty much is always just a process of deceiving the user into thinking the RAT is something different hence the name Trojan. However, the second step change drastically depending on the means to transfer commands to the rat. Though, this post will only focus the HTTP method of information transfer, you should understand the basic concepts.
Step 1: Deceiving the User | The best way to deceive a user, is try to deceive multiple users at the same time to increase the chance of any given user to download the rat. Especially to users that are not tech savvy. Often RATs designed to look like software cracks are uploaded to YouTube in hope of users downloading the RAT. However, because YouTube users are getting smarter, looking into comments and being conscious especially if rating are disabled; and now many hackers are using social media to spread their RAT.
Step 2: Sending Commands to the RAT | The basic concept of sending commands to a RAT via the HTTP method is too having the RAT continuously scan a webpage containing the hackers desired command. Furthermore, application will be built to automate the process of putting the command on the site usually built on a web console also excessed via HTTP or sometimes SSH.
How to Protect Yourself from Computer RATs
Protecting yourself from computer RATs can be quite difficult because these RATs are specifically design to hide form anti-virus and to deceive the users. But RATs can be avoid by keeping an updated passive anti-virus that scans for RAT like activity such as the Norton 360 security suite but keep in mind this does use lots of resources. Additionally the best way to protect against a RAT is to download from trusted sources only.