Saturday, September 29, 2007

DIY Chinese Passwords Stealer

This DIY password stealer, courtesy of a Chinese hacking group, is pitched as Vista compatible, with a server size of less than 20kb, process injection, form grabbing and password stealing capabilities for anything keyloggable, anti-virus software killing capabilities, and uploading of the results to a central location. In this particular case, an example is given for notification via Tencent, China's main IM network. More info:

"Backdoor.Hupigon.GEN has rootkit functionality. It injects itself into Internet Explorer causing IE to hide itself. It also logs keystrokes and sends this information to remote servers."

Detection rate of the builder: 15/32 (46.88%)
File size: 267213 bytes
MD5: a4b9c9f42629865c542ac7b823982843
SHA1: 78f855843d312ab76e1f8f0b912bd475781a8864

Here are several more recent releases by Chinese hacking groups, as well as a comment on the big picture.
