Page 1 of 1
CIA
Posted: 03 Jun 2006, 10:18
by Mr_Vain
Does nyone know what`s going on with the CIA RAT ?I would like to have a new undetectable version since its the strongest trojan there is.
Posted: 13 Jun 2006, 11:43
by devilhunter
cant say its the best there was(and still is) another trojan which was created in '99 it was called trapdoor it gave u acces to anything on the users PC and deactivated antivirus software the bug was it slowed down ur pc
Posted: 13 Jun 2006, 12:29
by CommonStray
take the CIA RAT source and modify its signatures, that way antivirii progs wont pick it up
Posted: 13 Jun 2006, 12:32
by CommonStray
devilhunter wrote:cant say its the best there was(and still is) another trojan which was created in '99 it was called trapdoor it gave u acces to anything on the users PC and deactivated antivirus software the bug was it slowed down ur pc
almost all trojans give you full access to a system if its used correctly, filesystem, processes etc...some such as sub7 even allow you to do the matrix effect as seen in the movie, as well as screencaptures, print, cdrom open/close etc...
Posted: 13 Jun 2006, 15:41
by Mr_Vain
CircuitB0mB wrote:take the CIA RAT source and modify its signatures, that way antivirii progs wont pick it up
GREAT !!! erm...where can i find the src?
Posted: 13 Jun 2006, 21:59
by Nerdz
Can you simply use an unasm and change stuff like comments?
virii signatures
Posted: 14 Jun 2006, 08:36
by DNR
A quick surf on virus signatures only said that antiviri progs (which each use their own propriety way) scan for the signature of bytes that are in a certain order - adding bits to comments or padding the software may not hide the collection of bytes that it is looking for. Rewriting that tell-tale section could work - but then you'd be creating a new variant of said virii.
DNR