What is ProRat?

Attackers use malware to steal personal information, financial data, and business information from target systems. ProRat is a “remote administration tool” created by the PRO Group. ProRat was written in the C programming language and is capable of working with all Windows OSes. ProRat was designed to allow users to control their own computers remotely from other computers. However, attackers have co-opted it for their own nefarious purposes. Some hackers take control of remote computer systems to conduct a Denial-of-Service (DoS) attack, which renders the target system unavailable for normal personal or business use. These targeted systems include high-profile web servers such as banks and credit card gateways.

As with other Trojan horses, ProRat uses a client and server. It opens a port on the computer that allows the client to perform numerous operations on the server (the victim machine).

Some of ProRat’s malicious actions on the victim’s machine include:

• Logging keystrokes
• Stealing passwords
• Taking full control over files
• Drive formatting
• Opening and closing the DVD tray
• Hiding the taskbar, desktop, and start button
• Viewing system information

An ethical hacker or pen tester can use ProRat to audit their own network against remote access Trojans.