A malicious software tool perhaps most famously used to hack RSA's SecurID infrastructure is still being used in targeted attacks, according to security vendor FireEye. Poison Ivy is a remote access Trojan (RAT) that was released eight years ago but is still favored by some hackers, FireEye wrote in a new report released Wednesday. It has a familiar Windows interface, is easy to use and can log keystrokes, steal files and passwords.