Remote Admin Tools May Not Be Clever Enough For Their Own Good

ancientribe writes "A couple of college interns have discovered that remote administration tools (RATs) often used for cyberspying and targeted cyberattacks contain common flaws that ultimately could be exploited to help turn the tables on the attackers. RATs conduct keylogging, screen and camera capture, file management, code execution, and password-sniffing, and give the attacker a foothold in the infected machine as well as the targeted organization. This new research opens the door for incident responders to detect these attacker tools in their network and fight back."

There's a book which covers this

If you're interested in this king of thing, Pick up "Aggressive network self-defence" It's a really interesting book full of stuff like this.