Saturday, May 18, 2013

2 ways how hackers send you SERVER VIRUSES and .EXE files via internet:

1. BINDER - is a software used to bind or combine two or more files in one file under one name and extension. The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file. If binded file contains an application (in our case - RAT or keylogger), the application is also run when the actual binded file is run.thus Binder is used to for the following things
- To Hide Files (Key loggers, Rats , Viruses )
- To Bypass antivirus detection.


2. CRYPTER - is a software used to hide our viruses, keyloggers or tools from antiviruses so that they are not detected by antiviruses. Thus, a crypter is a program that allow users to crypt the source code of their program. Generally, antivirus work by splitting source code of application and then search for certain string within source code. If antivirus detects any certain malicious strings, it either stops scan or deletes the file as virus from system.

Crypter simply assigns hidden values to each individual code within source code. Thus, the source code becomes hidden. Hence, our crypted file becomes UD (undetactable ) or FUD* (fully undetectable )

*UD means undetected, so only a few antivirus programs detect it. FUD means fully undetected, so no antivirus detects it


No comments:

Post a Comment