It’s the malicious remote access software that interests security researchers Veronica Valeros and Sebastian García at the Czech Technical University in Prague. The two have spent the last few years trying to analyze the evolution of this type of malware, studying no less than 337 well-known families, looking at things such as functionalities, quality of the software, and purpose.
Valeros said during a Virus Bulletin 2020 presentation that the number of RAT families grew rapidly in recent years. She counted more than 250 RATs that surfaced in the 2010s as opposed to just 70 in the 2000s. “The number of RATs really, really took off,” Valeros said. “While most of the previous ones were focusing on Windows, we saw some diversity - other platforms like Mac, Linux, and Android were being supported.”
While ransomware families come and go, RATs are known for their longevity and reemergence, says another researcher, Lindsay Kaye, the director of operational outcomes for Insikt Group at Recorded Future. “Some of the RATs have been out for ten years now, and they're still getting used,” she says. “They kind of go down a little bit, and then they come back.”
RATs have become essential for any type of cybercriminal activity, being used by cybercriminals, nation-state hackers, as well as stalkers. RATs have come a long way since NokNok knocked on Windows computers and launched this new chapter in computer security history.
The oldest legitimate remote access software was built in the late 1980s, when tools such as NetSupport appeared. Soon after that, in 1996, their first malicious counterparts were created. were among the first, followed by NetBus, Back Orifice and SubSeven. These tools were built for amusement or just to show that it can be done. Yet, they were “innovative and disruptive,” Valeros says.
NetBus, for instance, was created by Carl-Fredrik Neikter in 1998, and its name, translated from Swedish, means “NetPrank.” The developer claimed he didn’t want NetBus to be used maliciously, saying it was “a legit remote admin tool,” security researcher Seth Kulakow wrote in a paper he published with the SANS Institute. “However, if you didn’t already figure it out, it is still a very nice tool to use for the other purpose,” Kulakow wrote.
In 1999, someone downloaded NetBus and targeted Magnus Eriksson, a law professor at Lund University in Sweden. The attacker planted 12,000 pornographic images on his computer, 3,500 of which featured child pornography. The system administrators discovered them, and the law professor lost his job. “For me it was unbelievable,” Eriksson told Swedish publication Expressen. The media scandal that followed forced him to leave the country, and although he was acquitted in 2004, the damage was considerable. “I can never get back the lost years,” Eriksson said.
NetBus inspired others, including the infamous Sub7 or SubSeven. SubSeven, allegedly built by mobman, took the game to a whole new level. As a matter of fact, it is believed that Sub7 is NetBus spelled backward, with the “ten” replaced by “seven.” It reached global popularity, and its features clearly set it apart from the legitimate remote access tool. SubSeven could be used, for instance, to steal passwords and hide its identity, things a reasonable system administrator shouldn't do. “Once SubSeven is installed, hackers can initiate attacks that range from mildly irritating to extremely detrimental,” wrote security researcher Jamie Crapanzano in his paper Deconstructing SubSeven, the Trojan Horse of Choice.