Jump to content

Remote desktop software

From Wikipedia, the free encyclopedia
(Redirected from Remote Access Trojan)

In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely from one system (usually a PC, but the concept applies equally to a server or a smartphone), while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration.

Overview

[edit]

Remote access can also be explained as the remote control of a computer by using another device connected via the internet or another network. This is widely used by many computer manufacturers and large businesses help desks for technical troubleshooting of their customer's problems.

Remote desktop software captures the mouse and keyboard inputs from the local computer (client) and sends them to the remote computer (server).[1] The remote computer in turn sends the display commands to the local computer. When applications with many graphics including video or 3D models need to be controlled remotely, a remote workstation software that sends the pixels rather than the display commands must be used to provide a smooth, like-local experience.

Remote desktop sharing is accomplished through a common client/server model. The client, or VNC viewer, is installed on a local computer and then connects via a network to a server component, which is installed on the remote computer. In a typical VNC session, all keystrokes and mouse clicks are registered as if the client were actually performing tasks on the end-user machine.[2]

Remote desktops also have a major advantage for security development, companies are able to permit software engineers who may be dispersed geographically to operate and develop from a computer which can be held within the companies office or cloud environment.

The target computer in a remote desktop scenario is still able to access all of its core functions. Many of these core functions, including the main clipboard, can be shared between the target computer and remote desktop client.

Since the onset of COVID-19, the shift to remote-work environments has led many to work from home with devices without enterprise IT support. As a result, these workers are reliant on remote desktop software to collaborate and keep their systems available and secure.[3]

Uses

[edit]

A main use of remote desktop software is remote administration and remote implementation. This need arises when software buyers are far away from their software vendor. Most remote access software can be used for "headless computers": instead of each computer having its own monitor, keyboard, and mouse, or using a KVM switch, one computer can have a monitor, keyboard, mouse, and remote control software, and control many headless computers. The duplicate desktop mode is useful for user support and education. Remote control software combined with telephone communication can be nearly as helpful for novice computer-users as if the support staff were actually there.

Remote desktop software can be used to access a remote computer: a physical personal computer to which a user does not have physical access, but that can be accessed or interacted with.[4] Unlike servers, remote computers are mainly used for peer to peer connections, where one device is unattended. A remote computer connection is generally only possible if both devices have a network connection.

Since the advent of cloud computing remote desktop software can be housed on USB hardware devices, allowing users to connect the device to any PC connected to their network or the Internet and recreate their desktop via a connection to the cloud. This model avoids one problem with remote desktop software, which requires the local computer to be switched on at the time when the user wishes to access it remotely. (It is possible with a router with C2S VPN support, and wake on LAN equipment, to establish a virtual private network (VPN) connection with the router over the Internet if not connected to the LAN, switch on a computer connected to the router, then connect to it.)

Remote desktop products are available in three models: hosted service, software, and appliance.

Tech support scammers use remote desktop software to connect to their victim's computer and will often lock out the computer if the victim does not cooperate.

Protocols

[edit]

Remote desktop protocols include the following:

Malicious variants

[edit]

A remote access trojan (RAT, sometimes called creepware)[6] is a type of malware that controls a system through a remote network connection. While desktop sharing and remote administration have many legal uses, "RAT" connotes criminal or malicious activity. A RAT is typically installed without the victim's knowledge, often as payload of a Trojan horse, and will try to hide its operation from the victim and from computer security software and other anti-virus software.[7][8][9][10][11][12]

Notable examples

[edit]

See also

[edit]

References

[edit]
  1. ^ "Remote Desktop Software". ITarian.com. Retrieved 1 May 2019.
  2. ^ Virtual Network Computing (VNC): Making Remote Desktop Sharing Possible. Businessnewsdaily.com (2013-11-07). Retrieved on 2014-02-27.
  3. ^ Manson, Jonathan (3 April 2022). "Remote Desktop Software as a forensic resource". Journal of Cyber Security Technology. 6 (1–2): 1–26. doi:10.1080/23742917.2022.2049560. ISSN 2374-2917.
  4. ^ "What is Remote Computer? – Definition from Techopedia". Techopedia.com. Retrieved 10 June 2020.
  5. ^ "VMware Announces Strategic Licensing and Co-development Agreement with Teradici for True Remote PC User Experience Further Bolstering its vClient Initiative". VMware News Releases. VMware. Retrieved 1 June 2013.
  6. ^ "Creepware — Who's Watching You?". Symantec Security Response. 10 December 2013.
  7. ^ "Remote Server Administration Tools for Windows 7". Microsoft TechNet. Microsoft. 4 June 2009. Retrieved 4 February 2011.,
  8. ^ "Danger: Remote Access Trojans". Microsoft TechNet. September 2002. Retrieved 5 February 2011.
  9. ^ "Understanding the Windows NT Remote Access Service". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.
  10. ^ "Netsh commands for remote access (ras)". Microsoft TechNet. Microsoft. 21 January 2005. Retrieved 5 February 2011.
  11. ^ "RAS Registry Modification Allowed Without Administrative Rights". Microsoft TechNet. Microsoft. Retrieved 5 February 2011.
  12. ^ "Computer RATS – Protecting Your Self". HowTheyHack. July 2013. Archived from the original on 14 March 2016. Retrieved 17 July 2013.
  13. ^ "Code Access Security and bifrost". CodingHorror.com. 20 March 2007. Retrieved 5 February 2011.
  14. ^ "BlackShades: Arrests in computer malware probe". BBC News. Retrieved 20 May 2014.
  15. ^ "Remarks Prepared for Delivery by Special Agent in Charge Leo Taddeo at Blackshades Press Conference". fbi.gov. Federal Bureau of Investigation. Retrieved 20 May 2014.
  16. ^ Denbow, Shawn. "pest control: taming the rats" (PDF). Retrieved 5 March 2014.
  17. ^ Aylward, Laura. "Malware analysys – Dark Comet RAT". Contextis. Archived from the original on 26 April 2014. Retrieved 5 March 2014.
  18. ^ "Brisbane teenager built spyware used by domestic violence perpetrators across world, police allege". the Guardian. 30 July 2022. Retrieved 23 September 2022.
  19. ^ "Advice for potential victims of IM-RAT malware". Australian Federal Police. 29 November 2019. Retrieved 23 September 2022.
  20. ^ "International crackdown on RAT spyware, which takes total control of victims' PCs". Europol. Retrieved 23 September 2022.
  21. ^ "Cybercrime Network focuses on support to victims of malware". European Union Agency for Criminal Justice Cooperation. Retrieved 23 September 2022.
[edit]