lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: James.Cupps at sappi.com (James.Cupps@...pi.com)
Subject: Rootkit For Spyware? Hide your adware from

It depends on which kit they based it on. My guess is these guys weren't
good enough to do the coding themselves so they stole someone else's code.
Of course I can' t think of any rootkits under any kind of license so I
guess it isn't really stealing. Maybe the kits' authors should track these
bozo's down and ask for some compensation. They are probably good enough to
find them.

 

James Cupps
Information Security Officer



-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Darren Reed
Sent: Thursday, September 23, 2004 5:25 AM
To: Matt
Cc: GuidoZ; Will Image; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware from

 

In some mail from Matt, sie said:
>
> GuidoZ wrote:
> > Interesting indeed. Although, I imagine this was a spam email, and I
> > never believe (nor buy) anything from spam. I wondr how credible this
> > really is. If there was such a way to do what they claim, don't you
> > think it would have been big news?  >One would think you wouldn't first
> > hear about it through spam.
> >
> It is quite possible to hide processes, reg keys and files, and is often
> done by various malware.

Are they capable of hiding from "ps" when using the posix shell from
"Windows Services for Unix" ?

Darren

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
<http://lists.netsys.com/full-disclosure-charter.html> 

This message may contain information which is private, privileged or
confidential and is intended solely for the use of the individual or entity
named in the message. If you are not the intended recipient of this message,
please notify the sender thereof and destroy / delete the message. Neither
the sender nor Sappi Limited (including its subsidiaries and associated
companies) shall incur any liability resulting directly or indirectly from
accessing any of the attached files which may contain a virus or the like. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040923/3faa50b3/attachment.html

Powered by blists - more mailing lists