CinaRAT

It is not uncommon to see cybercriminals trying to disguise their programs as legitimate tools that are meant to help users perform simple tasks such as to control their computer from a remote location. While there are legitimate tools that serve this sole purpose, you can rest assured that CinaRAT (also seen as Yggdrasil) is not one of them – despite the author’s claims that this is a remote administration tool that is not meant to be used for illegal purposes.

The CinaRAT’s source code is available publicly, and its core alongside some of its modules are based on the infamous QuasarRAT. According to the list of details provided by the CinaRAT’s author, this program is meant to serve as a light-weight remote administration tool that is operated via a fast and intuitive interface. However, its features are not typical for ‘legitimate’ remote desktop software certainly. Some of CinaRAT’s main capabilities are:

• Log keystrokes.
• Use the Startup Manager, Task Manager and File Manager.
• Browse websites via hidden Web browser instances.
• Access the infected host’s desktop, web camera and command prompt.
• Exfiltrate files from the infected computer.
• Download & upload files to the compromised system.
• Collect passwords from FTP clients and Web browsers.

It is clear that this tool can be used for threatening purposes, and it would not be a surprise if the number of users infected by this Remote Access Trojan (RAT) increases in the near future, especially considering that it is free and public.

Thankfully, protecting your computer from threats like this one requires one simple thing – to download and install a reputable anti-virus software suite. This is guaranteed to stop the CinaRAT in its tracks and prevent its operator from snagging any important data from your computer.