[Full-disclosure] Keylogger
Matthew Flaschen
matthew.flaschen at gatech.edu
Mon Nov 13 12:45:15 GMT 2006
It doesn't sound like it's really a virus, if you have to "send[...] it
to someone, telling them to run it." Just PO malware/trojan horse.
Matt FLaschen
Colin Copley wrote:
> 0_0 wrote:
>
> -> Undetectable by ALL antivirus products in use today.
>
> You don't mention if it stealths itself from the OS, or which ones are supported ?
>
> I think AV customers would expect their vendors just to pay the ten dollars and be done with it, however they probably wouldn't want to support malware authors I guess. So it might stick on someone's firewall, or a call to tech support about the error msg and an inquisitive IT admin might submit it. Perhaps the hourly beacon might attract attention.
> I'm sure most of this list could code something similar / better but, assuming it wasn't mass mailed around, it might be interesting to see how long before AV's are detecting it, if at all.
>
> Rgds
> Colin
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20061113/db77df2e/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.