Full Disclosure mailing list archives

Re: Keylogger


From: Matthew Flaschen <matthew.flaschen () gatech edu>
Date: Mon, 13 Nov 2006 07:45:15 -0500

It doesn't sound like it's really a virus, if you have to "send[...] it
to someone, telling them to run it."  Just PO malware/trojan horse.

Matt Flaschen
Colin Copley wrote:
0_0 wrote:

-> Undetectable by ALL antivirus products in use today.

You don't mention if it stealths itself from the OS, or which ones are supported?

I think AV customers would expect their vendors just to pay the ten dollars and be done with it, however they probably wouldn't want to support malware authors I guess.  So it might stick on someone's firewall, or a call to tech support about the error msg and an inquisitive IT admin might submit it.  Perhaps the hourly beacon might attract attention.
I'm sure most of this list could code something similar / better but, assuming it wasn't mass mailed around, it might be interesting to see how long before AVs are detecting it, if at all.

Rgds
Colin


------------------------------------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Attachment: signature.asc
Description: OpenPGP digital signature
