no guarantees on signal:noise are offered, honoured, or acknowledged. also, hi.

Shady RAT (not to be confused with Dirty Rat, or Damn Dirty Ape)

Ok, some brief thoughts on Shady RAT (not to be confused with Dirty Rat, or Damn Dirty Ape). McAfee and Symantec both have blog posts up, with their analysis of the pattern of attacks that McAfee has included under the Shady RAT banner.

McAfee’s blog post:

Revealed: Operation Shady RAT

Symantec’s blog post is here:

The Truth Behind the Shady RAT

Some may tend towards considering McAfee’s (and by extension, Symantec’s) post as FUD-mongering. I don’t. I consider it a potentially useful example (if not evidence) of the sort of baseline attack activity that most (all?) security professionals know is there, but aren’t necessarily good at proving. I don’t think either is an unreasonable hyping-up of OMGWTFCYBERATTACKS!, but rather a representation of the baseline level of nastiness that exists on the Internet and that any Internet-connected machine must contend with. The Internet is a nasty neighbourhood; that is just a fact.

The main question, in my opinion, is this:
Do the McAfee and Symantec blogs constitute enough evidence to convince those who scoff at the idea that there are Bad People out there doing Bad Things?