RAT (remote access trojan)
Malware that gives an attacker complete remote control of an infected device — allowing them to view the screen, operate the camera, steal files, and more.
Also known as: remote access trojan, backdoor trojan
Last reviewed: 1 June 2026
A remote access trojan (RAT) is malware that opens a persistent backdoor on an infected device, giving an attacker administrative control from anywhere. Unlike legitimate remote desktop tools, a RAT is installed covertly and operates without the user's knowledge.
With a RAT, an attacker can view and control the screen in real time, access the webcam and microphone, browse and exfiltrate files, install additional malware, log keystrokes, and use the device as a proxy for further attacks. In the context of fraud, RATs are used to take over banking sessions, transfer funds, and defeat transaction-verification steps by manipulating what the victim sees on screen.
RATs are delivered through phishing attachments, fake software installers, and compromised downloads. Tech-support scammers often persuade victims to install legitimate remote-access tools (TeamViewer, AnyDesk) to achieve similar access.