Posts tagged: Backdoor

Feb 27 2011

BlackHole RAT Beta – Mac OS X Trojan Horse

BlackHole is a variant of a well-known Remote Access Trojan (RAT) for Windows known as darkComet.
BlackHole RAT Client

“Hello, Im the BlackHole Remote Administration Tool.
I am a Trojan Horse, so i have infected your Mac Computer.
I know, most people think Macs can’t be infected, but look, you ARE Infected!
I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.
So, Im a very new Virus, under Development, so there will be much more functions when im finished.
But for now, it’s okay what I can do?”

This message, displayed in the full screen window with the reboot button blocks user’s screen.

As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple’s increasing market share.

Functions :

  • Remote execution of shell commands.
  • Opens URL using victim’s default browser.
  • Sends a message which is displayed on the victims screen.
  • Creates a text file.
  • Perform shutdown, restart and sleep operation.
  • Popping up a fake “Administrator Password” window to phish the target.

Video Demonstration :

Oct 27 2008

TeraBIT Virus Maker 2.8 SE

TeraBIT Virus Maker 2.8 SE
(Backdoor.Win32.VB.bna)

Terabit Virusmaker

by m_reza00
Written in Visual Basic
Released in September 2007
Made in Iran

dropped files:
c:\WINDOWS\system32\csmm.exe
Size: 16,950 bytes

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell”
Old data: Explorer.exe
New data: explorer.exe C:\WINDOWS\system32\csmm.exe

Tested on Windows XP
September 19, 2007

Download :
http://rapidshare.com/files/96994198/TeraBIT_VM_2_1.8.zip.html