RAT
Remote Access Trojan
A Remote Access Trojan is malware that gives an attacker persistent, covert control over a victim's system. RATs provide capabilities like file access, keylogging, screen capture, webcam activation, and command execution without the user's knowledge.
Cómo se usa en ciberseguridad
SOC analysts detect RAT activity by monitoring for unusual outbound connections, beaconing patterns, and suspicious process behavior. Incident responders analyze RAT samples to identify attacker infrastructure and determine the scope of compromise. Threat intelligence analysts track RAT families and their associated threat groups to inform defensive priorities.
Las definiciones son explicaciones originales escritas con fines de desarrollo profesional. Para definiciones técnicas autorizadas, consulta NIST, ISO o el organismo de normalización correspondiente.