Meet the fellows who spy on women through their webcams, Ars Technica

Policy / Civilization & Discontents

The Remote Administration Device is the revolver of the Internet’s Wild West.

by Nate Anderson – Mar 11, two thousand thirteen 12:30 am UTC

"See! That shit keeps popping up on my fucking computer!" says a blondie woman as she leans back on a couch, bottle-feeding a baby on her lap.

The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration instrument (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He sees her and the baby through a puny control window open on his Windows PC, then he determines to have a little joy. He comes in a series of shock and pornographic websites and sees them show up on the woman’s computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A youthful man steps into the webcam framework. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked dudes shows up in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."

"I think someone hacked into our computer," says the youthfull man.

Far away, the hacker opens his "Joy Manager" control panel, which provides a host of instruments for messing with his RAT victims. He can hide their Windows "Begin" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he lodges for popping open the remote computer’s optical drive.

Even over the webcam, the sound of shock is clear. "Stay right here," says the woman.

"Whoa. the DVD thing just opened," says the youthfull man.

The hacker sends the pair a message that reads "achoo!" and the youthful man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop’s going to go kaboom next."

The movie freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren’t hard to find. They’re on YouTube, along with thousands of other movies demonstrating RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims. But, of course, the kinds of people who see others through their own webcams aren’t likely to limit themselves to these sorts of mere hijinks—not when computers store and webcams record far more intimate material.

“i love messing with my female slaves”

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than twenty three million total posts). The poster was referencing a 134+ page thread packed with the pics of female "marionettes" surreptitiously snapped by hackers using the women’s own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these gimps venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have almost finish control over the computers they infect; they can (and do) browse people’s private pictures in search of erotic photos to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising.

"I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG picture files] that are ‘hidden’ unless u dig and dig and dig," wrote one poster. "A lot of times the marionette will download pics from their phone or digital camera and I witness on the remote desktop to see where they save em to and that’s usually where you’ll find the jackpot!"

For many ratters, however, the spying remains little more than a game. It might be an odd hobby, but it’s evidently no big deal to invade someone’s machine, rifle through the individual files, and see them silently from behind their own screens. "Most of my marionettes are boring," wrote one aspiring ratter. "Wish I could get some more women with webcams. It makes it more titillating when you can literally spy on someone. Even if they aren’t getting disrobed!"

One poster said he had already archived 200GB of webcam material from his subs. "Mostly I pick up the best bits (funny parts, the ‘good’ [sexual] stuff) and categorize them (name, address, passwords etc.), just for funsake," he wrote. "For me I don’t have the feeling of doing something perverted, it’s more or less a game, cat and mouse game, with all the bonuses included. The weirdest thing is, when I see the person you’ve been spying on in real life, I’ve had that a duo of times, it just makes me giggle, especially if it’s someone with an uber-weird-nasty habit."

By finding their way to forums packed with other ratters, these men—and they show up to be almost exclusively men—gain community validation for their deeds. "lol I have some good news for u guys we will all die sometime, truly glad to know that there are other people like me who do this shit," one poster wrote. "Always thought it was some kind of wierd sick fetish because i love messing with my woman gimps."

As another poster put it in a thread called ☆ ShowCase ☆ Dame Gimps On Your RAT, "We are all going to hell for this. " But he followed it with a smiley face.

Welcome to the weird world of the ratters. They operate fairly openly online, sharing the best technics for picking up fresh female gimps (and avoiding that most unwanted of creatures, "old perverted guys") in public forums. Even when their activities tour a victim’s webcam light and the unsettled victim reaches forward to put a chunk of gauze over the webcam, the basic attitude is humorous—Ha! You got us! On to the next sub!

And there are slew of gimps.

How it’s done

RAT devices aren’t fresh; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Tormentor Dystic, called BackOrifice a instrument designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft’s Swiss cheese treatment to security." Compared to today’s devices, BackOrifice was primitive. It could treat the basics, tho’: logging keystrokes, restarting the target machine, transferring files inbetween computers, and snapping screenshots of the target computer.

Today, a cottage industry exists to build sophisticated RAT devices with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is presently "FUD"—fully undetectable.

Building an army of victims isn’t particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female gimps by spreading Sims three with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I’ve been able to message random hot ladies on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."

For those who can’t even manage this on their own, RAT experts hawk their slave-infecting expertise in e-books such as Rusty_v’s Spreading Guide v 7.0, a 22-page tome that goes for $14.95 (and which claims to be the best-selling book on Hack Forums). "Ever faced a situation where you have FUD server but cannot get victims?" goes the sales pitch. "Or maybe you’re getting a lot less installs compared to the amount of work you are putting in?" Followers of Rusty_v’s methods are told they can pick up 500-3,000 victims per day. The book is "noob friendly" and features "many screenshots."

And if even this handholding isn’t enough, more successful ratters sometimes rent out marionettes they have already infected. In other cases, they simply arm them off to others in a "Free Lady Victim Giveaway."

Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire victims. Once infected, all the common RAT software provides a control panel view in which one can see all current victims, their locations, and the status of their machines. With a few clicks, the operator can begin watching the screen or webcam of any marionette presently online.

The process is now elementary enough that some ratters engage in it without knowing how RATs indeed work or even how vulnerable they are to being caught. Back in 2010, one Hack Forums member entered the RAT subforum worried about going to jail. He had hacked a Danish family’s computer in order to get a child’s Steam account credentials, but the Danish kid realized that something was wrong and called in his mother and older brother. The hacker included a picture of all three of them looking down at the computer, the junior kid sobbing, the mother stern.

"They told me they would call the cops, etc and im going to jail?!" said the hacker. "WHAT DO I DO!? DO I GIVE THEM THE SHIT BACK OR UNINSTALL THEM FROM MY RAT!?"

Then, a few minutes later, when the hacker witnessed the mother with a phone in her arm, he returned to say, "im wiggling irl [in real life]. I hope I won’t get caught. hes mom & dad was at the phone calling the cops, while him & his brother was MAD blubbering, i already laughed for 30mins+ until it got serious about his mom & dad."

"LOL, don’t worry you ain’t going to jail," another member responded.

This is very likely true; few such ratters are ever found.

Meet the fellows who spy on women through their webcams, Ars Technica

Policy / Civilization & Discontents

The Remote Administration Instrument is the revolver of the Internet’s Wild West.

by Nate Anderson – Mar 11, two thousand thirteen 12:30 am UTC

"See! That shit keeps popping up on my fucking computer!" says a platinum-blonde woman as she leans back on a couch, bottle-feeding a baby on her lap.

The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration instrument (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He observes her and the baby through a petite control window open on his Windows PC, then he determines to have a little joy. He comes in a series of shock and pornographic websites and sees them show up on the woman’s computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A youthfull man steps into the webcam framework. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked studs emerges in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."

"I think someone hacked into our computer," says the youthfull man.

Far away, the hacker opens his "Joy Manager" control panel, which provides a host of instruments for messing with his RAT victims. He can hide their Windows "Commence" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he lodges for popping open the remote computer’s optical drive.

Even over the webcam, the sound of shock is clear. "Stay right here," says the woman.

"Whoa. the DVD thing just opened," says the youthfull man.

The hacker sends the pair a message that reads "achoo!" and the youthful man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop’s going to go kaboom next."

The movie freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren’t hard to find. They’re on YouTube, along with thousands of other movies demonstrating RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims. But, of course, the kinds of people who witness others through their own webcams aren’t likely to limit themselves to these sorts of mere hijinks—not when computers store and webcams record far more intimate material.

“i love messing with my damsel slaves”

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than twenty three million total posts). The poster was referencing a 134+ page thread packed with the pics of female "gimps" surreptitiously snapped by hackers using the women’s own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these gimps venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have almost accomplish control over the computers they infect; they can (and do) browse people’s private pictures in search of erotic pics to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising.

"I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG picture files] that are ‘hidden’ unless u dig and dig and dig," wrote one poster. "A lot of times the sub will download pics from their phone or digital camera and I witness on the remote desktop to see where they save em to and that’s usually where you’ll find the jackpot!"

For many ratters, however, the spying remains little more than a game. It might be an odd hobby, but it’s evidently no big deal to invade someone’s machine, rifle through the private files, and observe them silently from behind their own screens. "Most of my subs are boring," wrote one aspiring ratter. "Wish I could get some more damsels with webcams. It makes it more titillating when you can literally spy on someone. Even if they aren’t getting disrobed!"

One poster said he had already archived 200GB of webcam material from his subs. "Mostly I pick up the best bits (funny parts, the ‘good’ [sexual] stuff) and categorize them (name, address, passwords etc.), just for funsake," he wrote. "For me I don’t have the feeling of doing something perverted, it’s more or less a game, cat and mouse game, with all the bonuses included. The weirdest thing is, when I see the person you’ve been spying on in real life, I’ve had that a duo of times, it just makes me giggle, especially if it’s someone with an uber-weird-nasty habit."

By finding their way to forums packed with other ratters, these men—and they emerge to be almost exclusively men—gain community validation for their deeds. "lol I have some good news for u guys we will all die sometime, indeed glad to know that there are other people like me who do this shit," one poster wrote. "Always thought it was some kind of wierd sick fetish because i love messing with my female gimps."

As another poster put it in a thread called ☆ ShowCase ☆ Chick Victims On Your RAT, "We are all going to hell for this. " But he followed it with a smiley face.

Welcome to the weird world of the ratters. They operate fairly openly online, sharing the best mechanisms for picking up fresh female subs (and avoiding that most unwanted of creatures, "old perverted boys") in public forums. Even when their activities journey a victim’s webcam light and the unsettled victim reaches forward to put a chunk of gauze over the webcam, the basic attitude is humorous—Ha! You got us! On to the next gimp!

And there are slew of subs.

How it’s done

RAT implements aren’t fresh; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Master Dystic, called BackOrifice a instrument designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft’s Swiss cheese treatment to security." Compared to today’s devices, BackOrifice was primitive. It could treat the basics, tho’: logging keystrokes, restarting the target machine, transferring files inbetween computers, and snapping screenshots of the target computer.

Today, a cottage industry exists to build sophisticated RAT implements with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is presently "FUD"—fully undetectable.

Building an army of victims isn’t particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female subs by spreading Sims three with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I’ve been able to message random hot ladies on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."

For those who can’t even manage this on their own, RAT experts hawk their slave-infecting expertise in e-books such as Rusty_v’s Spreading Guide v 7.0, a 22-page tome that goes for $14.95 (and which claims to be the best-selling book on Hack Forums). "Ever faced a situation where you have FUD server but cannot get victims?" goes the sales pitch. "Or maybe you’re getting a lot less installs compared to the amount of work you are putting in?" Followers of Rusty_v’s methods are told they can pick up 500-3,000 marionettes per day. The book is "noob friendly" and features "many screenshots."

And if even this handholding isn’t enough, more successful ratters sometimes rent out victims they have already infected. In other cases, they simply palm them off to others in a "Free Lady Victim Giveaway."

Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire gimps. Once infected, all the common RAT software provides a control panel view in which one can see all current subs, their locations, and the status of their machines. With a few clicks, the operator can begin watching the screen or webcam of any victim presently online.

The process is now elementary enough that some ratters engage in it without knowing how RATs truly work or even how vulnerable they are to being caught. Back in 2010, one Hack Forums member entered the RAT subforum worried about going to jail. He had hacked a Danish family’s computer in order to get a child’s Steam account credentials, but the Danish kid realized that something was wrong and called in his mother and older brother. The hacker included a picture of all three of them looking down at the computer, the junior kid weeping, the mother stern.

"They told me they would call the cops, etc and im going to jail?!" said the hacker. "WHAT DO I DO!? DO I GIVE THEM THE SHIT BACK OR UNINSTALL THEM FROM MY RAT!?"

Then, a few minutes later, when the hacker spotted the mother with a phone in her arm, he returned to say, "im jiggling irl [in real life]. I hope I won’t get caught. hes mom & dad was at the phone calling the cops, while him & his brother was MAD sobbing, i already laughed for 30mins+ until it got serious about his mom & dad."

"LOL, don’t worry you ain’t going to jail," another member responded.

This is very likely true; few such ratters are ever found.

Meet the studs who spy on women through their webcams, Ars Technica

Policy / Civilization & Discontents

The Remote Administration Contraption is the revolver of the Internet’s Wild West.

by Nate Anderson – Mar 11, two thousand thirteen 12:30 am UTC

"See! That shit keeps popping up on my fucking computer!" says a towheaded woman as she leans back on a couch, bottle-feeding a baby on her lap.

The woman is visible from thousands of miles away on a hacker’s computer. The hacker has infected her machine with a remote administration device (RAT) that gives him access to the woman’s screen, to her webcam, to her files, to her microphone. He sees her and the baby through a petite control window open on his Windows PC, then he determines to have a little joy. He comes in a series of shock and pornographic websites and sees them emerge on the woman’s computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A youthfull man steps into the webcam framework. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked studs shows up in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."

"I think someone hacked into our computer," says the youthfull man.

Far away, the hacker opens his "Joy Manager" control panel, which provides a host of devices for messing with his RAT victims. He can hide their Windows "Embark" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he lodges for popping open the remote computer’s optical drive.

Even over the webcam, the sound of shock is clear. "Stay right here," says the woman.

"Whoa. the DVD thing just opened," says the youthfull man.

The hacker sends the pair a message that reads "achoo!" and the youthfull man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop’s going to go kaboom next."

The movie freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren’t hard to find. They’re on YouTube, along with thousands of other movies showcasing RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims. But, of course, the kinds of people who see others through their own webcams aren’t likely to limit themselves to these sorts of mere hijinks—not when computers store and webcams record far more intimate material.

“i love messing with my dame slaves”

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than twenty three million total posts). The poster was referencing a 134+ page thread packed with the photos of female "gimps" surreptitiously snapped by hackers using the women’s own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these victims venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have almost finish control over the computers they infect; they can (and do) browse people’s private pictures in search of erotic photos to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising.

"I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG picture files] that are ‘hidden’ unless u dig and dig and dig," wrote one poster. "A lot of times the sub will download pics from their phone or digital camera and I see on the remote desktop to see where they save em to and that’s usually where you’ll find the jackpot!"

For many ratters, however, the spying remains little more than a game. It might be an odd hobby, but it’s evidently no big deal to invade someone’s machine, rifle through the private files, and see them silently from behind their own screens. "Most of my marionettes are boring," wrote one aspiring ratter. "Wish I could get some more damsels with webcams. It makes it more titillating when you can literally spy on someone. Even if they aren’t getting unwrapped!"

One poster said he had already archived 200GB of webcam material from his subs. "Mostly I pick up the best bits (funny parts, the ‘good’ [sexual] stuff) and categorize them (name, address, passwords etc.), just for funsake," he wrote. "For me I don’t have the feeling of doing something perverted, it’s more or less a game, cat and mouse game, with all the bonuses included. The weirdest thing is, when I see the person you’ve been spying on in real life, I’ve had that a duo of times, it just makes me giggle, especially if it’s someone with an uber-weird-nasty habit."

By finding their way to forums packed with other ratters, these men—and they show up to be almost exclusively men—gain community validation for their deeds. "lol I have some good news for u guys we will all die sometime, indeed glad to know that there are other people like me who do this shit," one poster wrote. "Always thought it was some kind of wierd sick fetish because i love messing with my lady victims."

As another poster put it in a thread called ☆ ShowCase ☆ Dame Victims On Your RAT, "We are all going to hell for this. " But he followed it with a smiley face.

Welcome to the weird world of the ratters. They operate fairly openly online, sharing the best technologies for picking up fresh female marionettes (and avoiding that most unwanted of creatures, "old perverted studs") in public forums. Even when their activities journey a victim’s webcam light and the unsettled victim reaches forward to put a lump of gauze over the webcam, the basic attitude is humorous—Ha! You got us! On to the next gimp!

And there are slew of victims.

How it’s done

RAT contraptions aren’t fresh; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Tormentor Dystic, called BackOrifice a instrument designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft’s Swiss cheese treatment to security." Compared to today’s devices, BackOrifice was primitive. It could treat the basics, however: logging keystrokes, restarting the target machine, transferring files inbetween computers, and snapping screenshots of the target computer.

Today, a cottage industry exists to build sophisticated RAT devices with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is presently "FUD"—fully undetectable.

Building an army of marionettes isn’t particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female gimps by spreading Sims three with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I’ve been able to message random hot damsels on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."

For those who can’t even manage this on their own, RAT experts hawk their slave-infecting expertise in e-books such as Rusty_v’s Spreading Guide v 7.0, a 22-page tome that goes for $14.95 (and which claims to be the best-selling book on Hack Forums). "Ever faced a situation where you have FUD server but cannot get victims?" goes the sales pitch. "Or maybe you’re getting a lot less installs compared to the amount of work you are putting in?" Followers of Rusty_v’s methods are told they can pick up 500-3,000 subs per day. The book is "noob friendly" and features "many screenshots."

And if even this handholding isn’t enough, more successful ratters sometimes rent out subs they have already infected. In other cases, they simply forearm them off to others in a "Free Damsel Sub Giveaway."

Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire marionettes. Once infected, all the common RAT software provides a control panel view in which one can see all current subs, their locations, and the status of their machines. With a few clicks, the operator can commence watching the screen or webcam of any gimp presently online.

The process is now elementary enough that some ratters engage in it without knowing how RATs indeed work or even how vulnerable they are to being caught. Back in 2010, one Hack Forums member entered the RAT subforum worried about going to jail. He had hacked a Danish family’s computer in order to get a child’s Steam account credentials, but the Danish kid realized that something was wrong and called in his mother and older brother. The hacker included a picture of all three of them looking down at the computer, the junior kid howling, the mother stern.

"They told me they would call the cops, etc and im going to jail?!" said the hacker. "WHAT DO I DO!? DO I GIVE THEM THE SHIT BACK OR UNINSTALL THEM FROM MY RAT!?"

Then, a few minutes later, when the hacker spotted the mother with a phone in her arm, he returned to say, "im jiggling irl [in real life]. I hope I won’t get caught. hes mom & dad was at the phone calling the cops, while him & his brother was MAD howling, i already laughed for 30mins+ until it got serious about his mom & dad."

"LOL, don’t worry you ain’t going to jail," another member responded.

This is very likely true; few such ratters are ever found.

Related video:

Leave a Reply

Your email address will not be published. Required fields are marked *