Remote administration Trojans (RATs) allow a hacker to have complete control of a PC and are one of the top reasons to take malicious mobile code seriously. Hackers can read what you are reading, record your keystrokes, capture screens you are viewing, record video and sound, manipulate devices, copy and delete files, play practical jokes on you, and a host of other options. One RAT claims to have over 200 different remote control features.

RATs have two parts: server and client. The server portion is uploaded to the victim’s PC where it then sends communications back to general hacker channels (Email, IRC, ICQ, etc.). Alternatively, the hacker can scan across entire subnets looking for Trojan TCP/IP ports. The waiting hacker then knows the IP address of the newly compromised system and can feed it into his client program. The client program contacts the server, and now the hacker can do whatever the RAT allows them to do. Some hackers download files and steal passwords. Others spend their time playing practical jokes on their victims. They may create fake error messages, open and close the CD-ROM tray, play sounds or video, invert the screen, or lock up the PC.

Several RATs are frequently found in the wild, including Back Orifice, ...