"See! That shit keeps popping up on my fucking computer!" says a blond woman as she leans back on a couch, bottle-feeding a baby on her lap.

The woman is visible from thousands of miles away on a hacker's computer. The hacker has infected her machine with a remote administration tool (RAT) that gives him access to the woman's screen, to her webcam, to her files, to her microphone. He watches her and the baby through a small control window open on his Windows PC, then he decides to have a little fun. He enters a series of shock and pornographic websites and watches them appear on the woman's computer.

The woman is startled. "Did it scare you?" she asks someone off camera. A young man steps into the webcam frame. "Yes," he says. Both stare at the computer in horrified fascination. A picture of old naked men appears in their Web browser, then vanishes as a McAfee security product blocks a "dangerous site."

"I think someone hacked into our computer," says the young man.

Far away, the hacker opens his "Fun Manager" control panel, which provides a host of tools for messing with his RAT victims. He can hide their Windows "Start" button or the taskbar or the clock or the desktop, badly confusing many casual Windows users. He can have their computer speak to them. Instead, he settles for popping open the remote computer's optical drive.

Even over the webcam, the sound of shock is clear. "Stay right here," says the woman.

"Whoa!... the DVD thing just opened," says the young man.

The hacker sends the pair a message that reads "achoo!" and the young man laughs in astonishment. "Disconnect from the Internet," he says. "Your laptop's going to go kaboom next."

The video freezes, the mayhem lasting for slightly more than one minute. Copies of the incident aren't hard to find. They're on YouTube, along with thousands of other videos showing RAT controller (or "ratters," as they will be called here) taunting, pranking, or toying with victims. But, of course, the kinds of people who watch others through their own webcams aren't likely to limit themselves to these sorts of mere hijinks—not when computers store and webcams record far more intimate material.

“i enjoy messing with my girl slaves”

"Man I feel dirty looking at these pics," wrote one forum poster at Hack Forums, one of the top "aboveground" hacking discussion sites on the Internet (it now has more than 23 million total posts). The poster was referencing a 134+ page thread filled with the images of female "slaves" surreptitiously snapped by hackers using the women's own webcams. "Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums," he continued. "It would be funny if one of these slaves venture into learning how to hack and comes across this thread."

Whether this would in fact be "funny" is unlikely. RAT operators have nearly complete control over the computers they infect; they can (and do) browse people's private pictures in search of erotic images to share with each other online. They even have strategies for watching where women store the photos most likely to be compromising.

"I just use the file manager feature of my RAT in whatever one im using and in [a RAT called] cybergate I use the search feature to find those jpgs [JPEG image files] that are 'hidden' unless u dig and dig and dig," wrote one poster. "A lot of times the slave will download pics from their phone or digital camera and I watch on the remote desktop to see where they save em to and that's usually where you'll find the jackpot!"

Women who have this done to them, especially when the spying escalates into blackmail, report feeling paranoia. One woman targeted by the California "sextortionist" Luis Mijangos wouldn't leave her dorm room for a week after Mijangos turned her laptop into a sophisticated bugging device. Mijangos began taunting her with information gleaned from offline conversations.

For many ratters, though, the spying remains little more than a game. It might be an odd hobby, but it's apparently no big deal to invade someone's machine, rifle through the personal files, and watch them silently from behind their own screens. "Most of my slaves are boring," wrote one aspiring ratter. "Wish I could get some more girls with webcams. It makes it more exciting when you can literally spy on someone. Even if they aren't getting undressed!"

One poster said he had already archived 200GB of webcam material from his slaves. "Mostly I pick up the best bits (funny parts, the 'good' [sexual] stuff) and categorize them (name, address, passwords etc.), just for funsake," he wrote. "For me I don't have the feeling of doing something perverted, it's more or less a game, cat and mouse game, with all the bonuses included. The weirdest thing is, when I see the person you've been spying on in real life, I've had that a couple of times, it just makes me giggle, especially if it's someone with an uber-weird-nasty habit."

By finding their way to forums filled with other ratters, these men—and they appear to be almost exclusively men—gain community validation for their actions. "lol I have some good news for u guys we will all die sometime, really glad to know that there are other people like me who do this shit," one poster wrote. "Always thought it was some kind of wierd sick fetish because i enjoy messing with my girl slaves."

As another poster put it in a thread called ☆ ShowCase ☆ Girl Slaves On Your RAT, "We are all going to hell for this..." But he followed it with a smiley face.

Welcome to the weird world of the ratters. They operate quite openly online, sharing the best techniques for picking up new female slaves (and avoiding that most unwanted of creatures, "old perverted men") in public forums. Even when their activities trip a victim's webcam light and the unsettled victim reaches forward to put a piece of tape over the webcam, the basic attitude is humorous—Ha! You got us! On to the next slave!

And there are plenty of slaves.

How it’s done

RAT tools aren't new; the hacker group Cult of the Dead Cow famously released an early one called BackOrifice at the Defcon hacker convention in 1998. The lead author, who went by the alias Sir Dystic, called BackOrifice a tool designed for "remote tech support aid and employee monitoring and administering [of a Windows network]." But the Cult of the Dead Cow press release made clear that BackOrifice was meant to expose "Microsoft's Swiss cheese approach to security." Compared to today's tools, BackOrifice was primitive. It could handle the basics, though: logging keystrokes, restarting the target machine, transferring files between computers, and snapping screenshots of the target computer.

Today, a cottage industry exists to build sophisticated RAT tools with names like DarkComet and BlackShades and to install and administer them on dozens or even hundreds of remote computers. When anti-malware vendors began to detect and clean these programs from infected computers, the RAT community built "crypters" to disguise the target code further. Today, serious ratters seek software that is currently "FUD"—fully undetectable.

Building an army of slaves isn't particularly complicated; ratters simply need to trick their targets into running a file. This is commonly done by seeding file-sharing networks with infected files and naming them after popular songs or movies, or through even more creative methods. "I seem to get a lot of female slaves by spreading Sims 3 with a [RAT] server on torrent sites," wrote one poster. Another turned to social media, where "I've been able to message random hot girls on facebook (0 mutual friends) and infect (usually become friends with them too); with the right words anything is possible."

For those who can't even manage this on their own, RAT experts hawk their slave-infecting expertise in e-books such as Rusty_v's Spreading Guide v 7.0, a 22-page tome that goes for $14.95 (and which claims to be the best-selling book on Hack Forums). "Ever faced a situation where you have FUD server but cannot get victims?" goes the sales pitch. "Or maybe you're getting a lot less installs compared to the amount of work you are putting in?" Followers of Rusty_v's methods are told they can pick up 500-3,000 slaves per day. The book is "noob friendly" and features "many screenshots."

And if even this handholding isn't enough, more successful ratters sometimes rent out slaves they have already infected. In other cases, they simply hand them off to others in a "Free Girl Slave Giveaway."

Calling most of these guys "hackers" does a real disservice to hackers everywhere; only minimal technical skill is now required to deploy a RAT and acquire slaves. Once infected, all the common RAT software provides a control panel view in which one can see all current slaves, their locations, and the status of their machines. With a few clicks, the operator can start watching the screen or webcam of any slave currently online.

The process is now simple enough that some ratters engage in it without knowing how RATs really work or even how vulnerable they are to being caught. Back in 2010, one Hack Forums member entered the RAT subforum worried about going to jail. He had hacked a Danish family's computer in order to get a child's Steam account credentials, but the Danish kid realized that something was wrong and called in his mother and older brother. The hacker included a picture of all three of them looking down at the computer, the younger kid crying, the mother stern.

"They told me they would call the cops, etc and im going to jail?!" said the hacker. "WHAT DO I DO!? DO I GIVE THEM THE SHIT BACK OR UNINSTALL THEM FROM MY RAT!?"

Then, a few minutes later, when the hacker saw the mother with a phone in her hand, he returned to say, "im shaking irl [in real life]... I hope I won't get caught... hes mom & dad was at the phone calling the cops, while him & his brother was MAD crying, i already laughed for 30mins+ until it got serious about his mom & dad."

"LOL, don't worry you ain't going to jail," another member responded.

This is probably true; few such ratters are ever found.