HackBackJack U up.

August 14, 2008

So the concept of hacking back is very simple.  The problem is no one wants to talk about it.  And it rarely gets done.  At least in the public domain.  There have been a ton of examples where malware has exploited vulnerbilities in bots/zombies to take over the Command and Control and update them with their own malcode.  There have been other examples of researchers exploiting botnets for research to identify C&C and decode the command sets.  

Then there is the actual  such as the ever popular STORM.   This is the really cool stuff unfortunately some people consider this research area TABOO which I think is bullshit.  Lots of malware have features to delete themselves and clean up their systems.  An attack on a bots commandset that tell it self to delete itself would have all kinds of benefits.

This is an from Bitsec who is reverse engineering malware trojans for bugs, writing exploits to them and then sending software to the attackers computer.  Hopefully to identify their name, and IP address.    This guy is pissed and “he aint gonna take it no Moe!”

The trojan he exploited was Bifrost which is a BAD ass Remote Access Tool “read TROJAN” that freaking does everything under the sun.  Its like Poison Ivy and other RATS which seem to be templated in code these days.  They are very very full featured.  A bunch of them can grab mic audio for bugging, and video capture from webcams giving a whole new voyeuristic side adventure to malicious attackers. 

Theres actually a ton of Youtube video on these things in action.  One of them showed HUNDREDS of webcams being viewed on the screen after the attacker logged in and connected to a ton of people that he compromised.  Can you say privacy is DEAD!! Or did it every exist. Do you feel violated yet?

Back to hackbacks.  There are a ton of opportunities for this, and it sort of comes from the Honeypot philosophy yet instead of sitting there waiting to be attacked, you do the attacking.  Recently

Leave a Reply

WordPress.com Logo

Please log in to WordPress.com to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. (Log Out)

Facebook photo

You are commenting using your Facebook account. (Log Out)

Connecting to %s