[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Keylogger

To: "0 0" <0192a0339@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Keylogger
From: "Colin Copley" <colin.75@xxxxxxxxxxxxxx>
Date: Mon, 13 Nov 2006 09:37:46 -0000

0_0 wrote:

-> Undetectable by ALL antivirus products in use today.

You don't mention if it stealths itself from the OS, or which ones are 
supported ?

I think AV customers would expect their vendors just to pay the ten dollars and 
be done with it, however they probably wouldn't want to support malware authors 
I guess.  So it might stick on someone's firewall, or a call to tech support 
about the error msg and an inquisitive IT admin might submit it.  Perhaps the 
hourly beacon might attract attention.  
I'm sure most of this list could code something similar / better but, assuming 
it wasn't mass mailed around, it might be interesting to see how long before 
AV's are detecting it, if at all.

Rgds
Colin

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Keylogger
  - From: Matthew Flaschen

References:
- [Full-disclosure] Keylogger
  - From: 0 0

Prev by Date: [Full-disclosure] [FLSA-2006:211760] Updated gzip package fixes security issues
Next by Date: Re: [Full-disclosure] Keylogger
Previous by thread: Re: [Full-disclosure] Keylogger
Next by thread: Re: [Full-disclosure] Keylogger
Index(es):
- Date
- Thread