Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on the top of emerging security threats. This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude

Thursday, February 07, 2019

Historical OSINT - Sub7 Crew Releases New Version on 11th Anniversary of The RAT

It's 2010 and I've recently came across to the following announcement at Sub7's Main Forum - the most ubiquitous trojan horse also known as Remote Access Tool circa the 90's on the upcoming release of a new version.

"People can buy unique FUD servers in the shop and custom clients can also be written to help you admin PC's remotely with your own features. These are selling well so be sure to grab your own custom version while we are offering them at this price. Please be advised there is currently a waiting list for this."

Sample detection rate:
- borlndmm.dll - Result: 0/42 (0%)
- EditServer.exe - Result: 10/42 (23.81%)
- Server.exe - Result: 18/41 (43.91%)
- SubSeven.exe - Result: 16/41 (39.03%)

Should The Scene the way we know it re-appear the way we know it? It appears that every then and now a new cybercrime-friendly tool is trying to materialize taking us back to what used to be The Scene circa the 90's.

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com