You dirty RAT! Part 1 – DarkComet

Jump to navigation Jump to search

(Publication) Google search: [1]

You dirty RAT! Part 1 – DarkComet
Botnet DarkComet
Botnet/malware group
Exploit kits
Distribution vector
Operation/Working group
Date 2012 / June 9, 2012
Editor/Conference Malwarebytes
Link (Archive copy)
Author Adam Kujawa


0 Comments By Adam Kujawa June 9, 2012 In Malware Intelligence

Last week, I talked a little about the Flame Trojan and how much the average user would need to worry about being infected with it, which is none. State-sponsored RAT malware, like Flame, would likely not infect average users and even in the off chance that it did, the operators behind the malware would probably remove the Trojan before being discovered. Its purpose is for very specifically targeted cyber-espionage, not stealing your Facebook password.

So are you completely safe from malware like Flame? Well not exactly. Take out the state-sponsored aspect of Flame and you’ve got a RAT or Remote Administration Trojan, of which there are many out there that are used every single day to spy on the average people. Before you get too freaked out, Malwarebytes Anti-Malware detects and removes these threats all the time, so don’t worry too much about being a victim as long as you properly protect your system.

This blog post is one of many which I am going to use to:

Discuss some of the RAT malware currently seen in the wild What they can do How they work How to protect yourself from them


 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1034,
   editor = {Malwarebytes},
   author = {Adam Kujawa},
   title = {You dirty RAT! Part 1 – DarkComet},
   date = {09},
   month = Jun,
   year = {2012},
   howpublished = {\url{}},