Frutas RAT
Posted: August 15, 2013
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 2/10 |
---|---|
Infected PCs: | 61 |
First Seen: | August 15, 2013 |
---|---|
OS(es) Affected: | Windows |
The Frutas RAT is a Remote Access Tool and backdoor Trojan that is used in targeted attacks against various countries throughout Europe, North America and Asia. These attacks are especially concentrated against government institutions and various business sectors, and allow the infected computer to be controlled by a remote attacker. The Frutas RAT's functions may include stealing confidential information, installing other malware, blocking programs or creating various pop-up alerts, although they aren't limited to these attacks alone. SpywareRemove.com malware researchers continue to recommend that PC users with access to business or government computers take all appropriate precautions against the traditional infection vectors of targeted attacks, and use anti-malware programs when they're needed to remove a Frutas RAT infection.
The Frutas RAT: a Fruit that will not Taste So Sweet Once It Gets a Bite of Your Computer
The Frutas RAT is one of many backdoor Trojans that are intended to infect specific industrial or government systems through e-mail attachments and then grant criminals access to the infected computers through a backdoor connection. The Frutas RAT's distribution method is effective but not especially original: the Frutas RAT uses a Trojan dropper disguised as a PDF article that's themed for various political topics relevant to the country being attacked at the time. Victims who open the file attachment will see a legitimate article, but they also will subject their computers to concealed Frutas RAT installations.
SpywareRemove.com malware analysts have found that the Frutas RAT, which currently has a poor detection rate overall for most anti-malware products, includes basic attack functions such as:
- Terminating program processes arbitrarily.
- Stealing confidential information, particularly from various instant messaging programs, FTP clients and Web browsers.
- Using your PC's resources to launch Distributed-Denial-of-Service attacks.
- Downloading and installing potentially malicious files.
- Grabbing screen captures.
- Uninstalling or updating itself.
All of these functions are implemented through the instructions that the Frutas RAT receives from its backdoor connection; by default, an unattended Frutas RAT only will gather basic system information and transfer it to a C&C server while the Frutas RAT waits for further orders.
The Digital Pesticide to Cure Your Frutas RAT Infection
Since the Frutas RAT conceals its presence from any casual observation, having updated anti-malware tools available is critical to detecting and removing the Frutas RAT before the Frutas RAT can cause any long-term damage to your PC or any information stored on it. SpywareRemove.com malware experts especially note that, since this is far from the first time that crafted e-mail attachments have been used in targeting attacks to distribute a RAT, being cautious about which e-mail files you choose to open is also an excellent way of keeping the Frutas RAT off of your computer.
Mexico, Macau, the UK and the United States all are major countries currently targeted by the Frutas RAT's attack campaigns. However, other countries also have been targeted in lesser quantities, and current details lead to the conclusion that we most likely will be seeing further Frutas RAT attacks in the future.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.