HackBackJack U up.

August 14, 2008

So the concept of hacking back is very simple. The problem is no one wants to talk about it, and it rarely gets done, at least in the public domain. There have been a ton of examples where malware has exploited vulnerabilities in bots/zombies to take over the Command and Control and update them with its own malcode. There have been other examples of researchers exploiting botnets for research to identify the C&C and decode the command sets.

Then there is the actual attacking of botnets such as the ever popular STORM. This is the really cool stuff; unfortunately some people consider this research area TABOO, which I think is bullshit. Lots of malware has features to delete itself and clean up its host system. An attack on a bot's command set that tells it to delete itself would have all kinds of benefits.

This is an example of a researcher from Bitsec who is reverse engineering malware trojans for bugs, writing exploits for them, and then sending software to the attacker's computer, hopefully to identify their name and IP address. This guy is pissed and “he ain't gonna take it no Moe!”

The trojan he exploited was Bifrost, which is a BAD ass Remote Access Tool (read: TROJAN) that freaking does everything under the sun. It's like Poison Ivy and other RATs, which seem to be templated in code these days. They are very, very full featured. A bunch of them can grab mic audio for bugging and video capture from webcams, giving a whole new voyeuristic side adventure to malicious attackers.

There's actually a ton of YouTube video of these things in action. One of them showed HUNDREDS of webcams being viewed on the screen after the attacker logged in and connected to a ton of people that he had compromised. Can you say privacy is DEAD!! Or did it ever exist? Do you feel violated yet?

Back to hackbacks. There are a ton of opportunities for this, and it sort of comes from the honeypot philosophy, yet instead of sitting there waiting to be attacked, you do the attacking. Recently
