Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

DarkComet RAT - It is the END!

Created: 09 Jul 2012 07:28:31 GMT • Updated: 23 Jan 2014 18:14:11 GMT • Translations available: 日本語
Symantec Security Response's picture
+1 1 Vote
Login to vote

The official website of DarkComet remote administration tool (RAT), detected by Symantec as Backdoor.Breut, has published a statement, as shown below, explaining that the project has come to an end. The DarkComet RAT grabbed news headlines this year when it was used in the Syrian conflict to spy on regime supporters. The decision of the author to end the project comes on the heels of the apparent arrest of the Blackshades RAT project author, another similar remote administration tool that has also been used for nefarious purposes.  

The DarkComet RAT statement clearly outlines that the reason for the author deciding to now end this project is the misuse of the free tool and the law deeming the author to be partly responsible for this misuse.  While in the past authors of such tools believed that they were immune from prosecution by claiming that they were educational tools, arrests, starting with the alleged author of the infamous Mariposa botnet, have begun to wake up authors of such tools to the possibility that they could be breaking the law. These arrests are sending a message to the authors of such tools that they are not above the law and could face prosecution for their actions. The recent arrest of the Blackshades RAT project author and the end of this project may yet have further reverberations leading to the closure of other similar projects. Time will tell but any similar closures due to the risk of prosecution must be seen as a step in the right direction in combating the risk posed by such freely available tools.