Breut
Breut, also known as Darkmoon or PoisonIvy, is a backdoor Trojan and RAT that gives third parties invasive control over an infected PC. While Breut is used by names as well-known as the China-based hackers of Axiom, it is also available to other third-party clients, with corresponding flexibility in its potential attacks and distribution models. Rated as a high-level threat, Breut should be removed with anti-malware products that have proven themselves adept against other backdoor Trojans and equally clandestine threats.
An Invisible Eye Leveled on Your Machine
Remote Administration Trojans are not necessarily complex, but they do tend to couple extremely invasive attacks with a user interface that allows third parties to make full use of those capabilities. Breut is a characteristic RAT of this type and provides a basic Windows menu that lets third parties launch diverse attacks against compromised PCs. As of malware experts' latest analyses of this long-running threat, Breut's features may encompass:
- Keylogging allows Breut to record typed information to a log, available for illicit viewing.
- Webcam access allows Breut to monitor your webcam feed or even enable this device if it's off.
- A remote shell lets third parties issue command-line instructions through Breut, which may disable security features and modify files.
- Breut also may terminate programs arbitrarily, with the most obvious application of this feature being to disable anti-virus and other security products.
- A comprehensive file-search and management system also lets Breut's clients browse through files, delete them, rename them and change their locations (or other attributes).
Since Breut and other RATs are stealth-based Trojans that don't alert their victims to their presence, none of these attacks are associated with distinct symptoms. At best, third parties unskilled at using Breut may inadvertently run commands that are visible, although such mistakes are unlikely from competent hackers, such as Axiom.
De-Weeding an Ivy-Infested PC
Since detecting Breut is best left to one's automated anti-malware defenses, regular, scheduled scans of your computer are the best protection against this RAT that malware experts can recommend. Files downloaded through common infection vectors, such as e-mail messages, software piracy networks and free software sites of poor repute, also should be scanned before they are launched. Breut's distribution models, as well as its behavior, are left up to its individual clients, which may result in infections from different sources behaving differently.
Whether Breut is called Poison Ivy, Darkmoon or Breut, this RAT is just one of many similar threats that allow third parties to control an infected PC with maximum impact for minimal effort. Preventative defenses are much simpler than removing Breut after its installation. However, if you already are dealing with a Breut infection or other RAT, all standard anti-malware tactics and tools should be put into play as soon as possible. Until resolved, a Breut infection may give even barely-competent third parties total access to your PC and all the information on it.