Ars Technica reported this weekend on how hackers have been spying on women through their webcams using RATs (remote administration tools). It's an unsettling read, revealing how "RAT operators have nearly complete control over the computers they infect; they can (and do) browse people's private pictures in search of erotic images to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising."
The online community of RAT operators, "ratters," Ars Technica notes, is almost exclusively male. They share the fruits of the computers they compromise -- largely intimate images of women swiped from computer files or caught on webcam -- on aboveground hacker forums. They call the women they spy on "slaves."
RAT technology is not new, but has become vastly more sophisticated and undetectable by victims. As Ars Technica noted, ensnaring "slaves" is the easy part:
Building an army of slaves isn't particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female slaves by spreading Sims 3 with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I've been able to message random hot girls on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."
Of course, locating the ethical dilemma in the RAT tools would be to miss the point -- the same technology is used to trace stolen laptops, and has the potential to be used to monitor corporate and institutional malfeasance. "The developers behind RAT software generally describe their products as nothing more than tools which can be used for good and ill," Ars Technica noted.
Stemming the proliferation of RAT tools is an impossibility -- there are too many and "source code is in the wild." But, advises Ars Technica, there are some basic precautions one can take to avoid ratter slavery (which largely boil down to "avoiding dodgy stuff"):
Use a solid anti-malware program, keep your operating system updated, and make sure plugins (especially Flash and Java) aren't out of date. Don't visit dodgy forums or buy dodgy items, don't click dodgy attachments in e-mail, and don't download dodgy torrents. Such steps won't stop every attack, but they will foil many casual users looking to add a few more slaves to their collections.