In conjunction with their research paper (PDF), the researchers released tools for decrypting RAT traffic and proof-of-concept exploits for the bugs they found. They found that the RAT tools use weak encryption or none at all: Bandook, for example, uses obfuscation, not encryption, to protect its traffic between the victim’s machine and the C&C server.
“A good understanding of their protocols is critical to network and system administrators deploying tools that can notice the presence of a RAT,” they said.
RAT = Remote Administrative Tool, which is a tool used by the bad guys to snoop on a victim. To the victim, this is more commonly referred to as a trojan.