lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Nov 2006 07:45:15 -0500
From: Matthew Flaschen <matthew.flaschen@...ech.edu>
To: Colin Copley <colin.75@...nternet.com>,
full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Keylogger
It doesn't sound like it's really a virus, if you have to "send[...] it
to someone, telling them to run it." Just PO malware/trojan horse.
Matt FLaschen
Colin Copley wrote:
> 0_0 wrote:
>
> -> Undetectable by ALL antivirus products in use today.
>
> You don't mention if it stealths itself from the OS, or which ones are supported ?
>
> I think AV customers would expect their vendors just to pay the ten dollars and be done with it, however they probably wouldn't want to support malware authors I guess. So it might stick on someone's firewall, or a call to tech support about the error msg and an inquisitive IT admin might submit it. Perhaps the hourly beacon might attract attention.
> I'm sure most of this list could code something similar / better but, assuming it wasn't mass mailed around, it might be interesting to see how long before AV's are detecting it, if at all.
>
> Rgds
> Colin
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Download attachment "signature.asc" of type "application/pgp-signature" (251 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists