R
Rootkit
What it is A rootkit is malware built to hide itself (and other malware) while giving an attacker high-level control of a system. It can live in user space, the kernel, the boot process (bootkit), or even device firmware. Once installed, it can mask ...
Resident Virus
What it is A resident virus is malware that loads part of itself into memory (RAM) and stays active after the original infected file has closed. Because its code hooks into system functions, it can silently infect other files as they are opened or ...
Remote Access Trojan (RAT)
What it is A Remote Access Trojan is malware that pretends to be legit software but secretly installs a back door. Once running, it gives an outsider admin-level control of the device: they can browse files, capture screens and keystrokes, turn on ...
Remcos (Remcos RAT)
What it is Remcos is a Windows remote access tool (RAT) sold by Breaking Security that’s widely abused by threat actors. Once on a system, it gives remote control: keylogging, screen capture, file exfiltration, command execution, and persistence. ...
Rogueware
What it is Rogueware (aka scareware or rogue security software) is a fake antivirus/optimizer that pretends your PC is infected, then pushes you to pay for a “full version” to fix invented problems. It uses alarming pop-ups, fake scans, and urgent ...
Robocall
What it is A robocall is an automated phone call that plays a recorded message when you pick up. Legit uses exist (school alerts, appointment reminders, public notices), but criminals abuse robocalls to push scams, fake tech support, and phishy ...
REvil Ransomware
What it is REvil is a high-impact ransomware family run as ransomware-as-a-service (RaaS). The core crew builds the malware and portal, while affiliates break in, steal data, and deploy the encryptor; profits are split between them. REvil uses ...
Reverse Proxy
What it is A reverse proxy is a helper server that sits on the internet in front of your website or app. People connect to the proxy first, and it quietly passes the request to the real server in the background, then brings the answer back. Think of ...
Reverse Lookup
What it is Reverse lookup is the process of taking an IP address and asking: which hostname/domain does this belong to? Instead of the usual DNS query (name → IP), it flips the direction (IP → name). This is useful for seeing who is behind an IP, ...
Reverse Engineering
What it is Reverse engineering is the practice of analyzing a finished product to understand how it works. In software, that means disassembly, decompilation, and dynamic debugging to recover logic, data formats, or protocols. In hardware, it can ...
Replay Attack
What it is A replay attack is when an attacker captures a valid network message (like a login or payment request) and sends it again to trick a system into granting access or repeating an action. The attacker doesn’t need to read or change the ...
Red Hat Hacker
What it is A red hat hacker is a vigilante or hacktivist who uses offensive techniques to advance a cause or punish perceived wrongdoing. Motivations are political, social, religious, or ideological. Tactics can mirror criminal groups - doxing, ...
RAR
What it is RAR is a proprietary archive format that compresses one or more files into a single container with the .rar extension. It supports strong compression, error-recovery records, multi-part volumes, and self-extracting archives. Newer RAR ...
RAM Scraping
What it is RAM scraping is when malware reads a process’s live memory to grab sensitive data in plaintext before it’s encrypted or after it’s decrypted. Classic targets are point-of-sale apps where payment card data briefly appears in RAM, but ...
Ramnit
What it is Ramnit is a Windows file-infecting worm with trojan capabilities. It can inject itself into EXE and DLL files, add malicious code to HTML pages, and spread via removable drives and network shares. Once established, it deploys backdoors, ...