Home Malware Programs Remote Administration Tools Frutas RAT

Frutas RAT

Posted: August 15, 2013

Threat Metric

Threat Level: 2/10
Infected PCs: 61
First Seen: August 15, 2013
OS(es) Affected: Windows

The Frutas RAT is a Remote Access Tool and backdoor Trojan that is used in targeted attacks against various countries throughout Europe, North America and Asia. These attacks are especially concentrated against government institutions and various business sectors, and allow the infected computer to be controlled by a remote attacker. The Frutas RAT's functions may include stealing confidential information, installing other malware, blocking programs or creating various pop-up alerts, although they aren't limited to these attacks alone. SpywareRemove.com malware researchers continue to recommend that PC users with access to business or government computers take all appropriate precautions against the traditional infection vectors of targeted attacks, and use anti-malware programs when they're needed to remove a Frutas RAT infection.

The Frutas RAT: a Fruit that will not Taste So Sweet Once It Gets a Bite of Your Computer

The Frutas RAT is one of many backdoor Trojans that are intended to infect specific industrial or government systems through e-mail attachments and then grant criminals access to the infected computers through a backdoor connection. The Frutas RAT's distribution method is effective but not especially original: the Frutas RAT uses a Trojan dropper disguised as a PDF article that's themed for various political topics relevant to the country being attacked at the time. Victims who open the file attachment will see a legitimate article, but they also will subject their computers to concealed Frutas RAT installations.

SpywareRemove.com malware analysts have found that the Frutas RAT, which currently has a poor detection rate overall for most anti-malware products, includes basic attack functions such as:

  • Terminating program processes arbitrarily.
  • Stealing confidential information, particularly from various instant messaging programs, FTP clients and Web browsers.
  • Using your PC's resources to launch Distributed-Denial-of-Service attacks.
  • Downloading and installing potentially malicious files.
  • Grabbing screen captures.
  • Uninstalling or updating itself.

All of these functions are implemented through the instructions that the Frutas RAT receives from its backdoor connection; by default, an unattended Frutas RAT only will gather basic system information and transfer it to a C&C server while the Frutas RAT waits for further orders.

The Digital Pesticide to Cure Your Frutas RAT Infection

Since the Frutas RAT conceals its presence from any casual observation, having updated anti-malware tools available is critical to detecting and removing the Frutas RAT before the Frutas RAT can cause any long-term damage to your PC or any information stored on it. SpywareRemove.com malware experts especially note that, since this is far from the first time that crafted e-mail attachments have been used in targeting attacks to distribute a RAT, being cautious about which e-mail files you choose to open is also an excellent way of keeping the Frutas RAT off of your computer.

Mexico, Macau, the UK and the United States all are major countries currently targeted by the Frutas RAT's attack campaigns. However, other countries also have been targeted in lesser quantities, and current details lead to the conclusion that we most likely will be seeing further Frutas RAT attacks in the future.

Loading...