I Team

Hackers use Remote Access Trojan, or RAT, attacks to force way into computer, access accounts

ByJason Knowles and Ann Pistone WLS logo

Thursday, February 29, 2024

Hackers can brute force onto your computer using Remote Access Trojan files

A new form of computer hacking attack called a Remote Access Trojan hack, or a RAT, cost one suburban woman more than $9,000 before she was able to recover the money.

CHICAGO (WLS) -- A new form of computer hacking attack called a Remote Access Trojan hack, or a RAT, cost one suburban woman more than $9,000 before she was able to recover the money.

"The hackers are getting really, really creative," said Ashley Klemm.

Klemm's computer was hacked and $9,214 dollars stolen from her PayPal account.

Experts said Klemm's home computer was likely the victim of a RAT attack which allowed the hackers to control it and easily access her accounts, like PayPal, even without Klemm giving them permission for remote access.

"They are built to install in one click. They are built to leave no traces on the computer," said Bogdan Botezatu, an information security specialist at cybersecurity firm Bitdefender.

After the hackers had access to her computer and accounts, they diverted her money to themselves through another bank account which they linked to her PayPal account. She filed a claim with PayPal, but didn't have any luck.

"They did decline it, saying that the IP address for my computer, it was showing that all the activity was coming through my computer," she said.

Klemm quickly reached out to the other bank where hackers diverted the money. That bank reversed that transaction, getting her $9,000 back to her. That bank told the I-Team it reported the incident to authorities. Klemm also filed a report with the FBI and Algonquin Police.

"You've got to be really persistent," she said.

PaypPal said it works tirelessly to protect customers, that this appears to be a device security issue and is not a PayPal specific matter. The company said it sends an alert to consumers when new bank accounts are added to PayPal accounts. Klemm said she never received that notification. Experts say that those scammers in her computer could have deleted it.

So how can you protect yourself?

"One of the most effective ways to stay away is to install cyber security software," Botezatu said.

Make sure you research software before buying. Also beware of phishing links or picture files which can install the RAT malware.

"Turn off your computer at night. So they can't get into it," Klemm added.

Klemm said she had enabled two-factor authentication, but that would not help in this type of computer hack because criminals can access accounts where you are already signed in to on your own device.

PayPal's tips to protect your personal info: How to Better Protect Your Account | PayPal US

Report a correction or typo