Message-ID: <046D7511B5DBFC41B4CF3E696EB2CC2032A1F0@cdfnexc7.NA.Sappi.com>
From: James.Cupps at sappi.com (James.Cupps@...pi.com)
Subject: Rootkit For Spyware? Hide your adware from
It depends on which kit they based it on. My guess is these guys weren't
good enough to do the coding themselves so they stole someone else's code.
Of course I can't think of any rootkits under any kind of license so I
guess it isn't really stealing. Maybe the kits' authors should track these
bozos down and ask for some compensation. They are probably good enough to
find them.
James Cupps
Information Security Officer
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Darren Reed
Sent: Thursday, September 23, 2004 5:25 AM
To: Matt
Cc: GuidoZ; Will Image; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Rootkit For Spyware? Hide your adware from
In some mail from Matt, sie said:
>
> GuidoZ wrote:
> > Interesting indeed. Although, I imagine this was a spam email, and I
> > never believe (nor buy) anything from spam. I wonder how credible this
> > really is. If there was such a way to do what they claim, don't you
> > think it would have been big news? One would think you wouldn't first
> > hear about it through spam.
> >
> It is quite possible to hide processes, reg keys and files, and is often
> done by various malware.
Are they capable of hiding from "ps" when using the posix shell from
"Windows Services for Unix" ?
Darren
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html