RAT for Mac
RAT for Mac?
When there’s too much RAT (Remote Administration Tool) available for Windows, people wonder if there’s good and useful RAT for Mac as well.
The search and discussions about this topic goes on and on; at one point an online poll favored to continue the development:
A useful description of RATs that works in OSX can be found here.
The most recent/updated development is HellRaiser version 4.2,
coded by DCHKG an Underground Mac Programming Team.
HellRaiser includes a configuration component, where the remote controller can specify the server parameters.
The server component is the application distributed to target OS X user. It requires manual execution to install and enable the server to run in background (hidden from dock). Once successful, the server component (or the slave) will report back to the master as shown below.
How would I know if HellRaiser server is installed/running?
option 1: You may open network utility and activity monitor (/Applications/Utilities/) and kill the process.
option 2: You may open terminal, and type
lsof -i (this will list running processes and its matching network/internet connection). Search dubious name and internet connection, take note of the PID, and in terminal type
kill -9 <PID> (this will kill the process).
If you’re using Mac security scanner, then it’s best time to check for signature update! (most vendors detects this as OSX HellRTS)