Hosting Provided By

found kuang2thevirus remote tool

From: John Public <johnqpublic2323(at)yahoo.com>
Date: Thu Jun 05 2003 - 08:59:00 EDT

Hi,

I posted earlier asking for help finding this tool but someone has already sent me an earlier version that seems to work. As soon as I am done with immediate concerns I will reverse the protocol and write an open source client for this thing. Apparently the kuang2 virus/trojan infects exe files as a virus, but also binds tcp port 17300 listening for remote control/update information without authentication.

I have seen first hand that Korea has a pandemic situation with this, and have tens of thousands of infected systems that attackers are actively using as a part of irc-controlled bot nets.

thanks,
jqp

Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com

Received on Fri Jun 6 15:26:58 2003

This message: [ Message body ]
Next message: Oliver Karow: "Re: new tool: qahs"
Previous message: Dawes, Rogan (ZA - Johannesburg): "RE: new tool: qahs"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:36 EDT