TORONTO—People around the world are being targeted for exploitation with malicious remote admin tools (RATs) that are taking advantage of old, already patched Microsoft vulnerabilities. That’s the finding of researchers from the Citizen Lab based at the Munk School of Global Affairs at the University of Toronto, speaking at the SecTor security conference here this week..
Today a number of different techniques are being used around the world to get malicious RAT tools onto computers, according to Katie Kleemola, security analyst at the Citizen Lab. In Syria, which is currently embroiled in a bitter civil war, one of the most common ways users are being exploited is by way of fake Skype tools, Kleemola said.
The fake tools are typically presented to the user as encryption tools that will help the user stay safe from prying eyes. The irony is that the encryption tool is, in fact, the vehicle that enables an attacker to place a RAT on the user’s system.