{"id":51,"date":"2012-08-16T18:59:57","date_gmt":"2012-08-17T01:59:57","guid":{"rendered":"http:\/\/dshsolutions.com\/wordpress\/?p=51"},"modified":"2012-08-16T18:59:57","modified_gmt":"2012-08-17T01:59:57","slug":"taken-over","status":"publish","type":"post","link":"https:\/\/dshsolutions.com\/wordpress\/taken-over\/","title":{"rendered":"Taken Over"},"content":{"rendered":"<p>According to <a title=\"Neil J. Rubenking\" href=\"http:\/\/securitywatch.pcmag.com\/author-bio\/neil-j.-rubenking\" target=\"_blank\" rel=\"noopener\">Neil J. Rubenking<\/a>, taking over your computer remotely appears to be ridiculously easy, as long as you&#8217;re a bit gullible and don&#8217;t have any antivirus products.\u00a0 Apparently he&#8217;s done it, along with several other tech journalists, as part of a recent McAfee Consumer Journalist Day at McAfee Headquarters in Santa Clara.<\/p>\n<p>Each of the journalists was provided a laptop already running VMware virtual machines.\u00a0 One VM represented the attacker and the other the victim, with no outside connection for safety&#8217;s sake.<\/p>\n<p>Starting with the installation of Shark Trojan, they got to work.\u00a0 Shark Trojan bills itself as &#8220;an advanced reverse connecting, firewall bypassing remote administration tool,&#8221; and warns the user not to use it to do anything illegal.\u00a0 This, and other similar tools, are available for prices that rarely exceed 2 figures.<\/p>\n<p>Shark, according to Rubenking,<\/p>\n<blockquote><p>&#8220;makes hacking so simple it&#8217;s ridiculous, especially with the script of instructions supplied by McAfee. With one click I created a server to handle command and control for my attack. Binding my Trojan attack to a legitimate (but outdated) McAfee antivirus tool was equally simple. Had the script called for it, I could have configured the Trojan to lay low if it detected certain tracking tools. 
Finished with setup, I copied my Trojanized antivirus into the web server&#8217;s download folder.<\/p>\n<p>Viewed in a browser, that server serves up a site that looks exactly like McAfee&#8217;s. You have to look closely to notice that the URL says &#8220;macfee.com.&#8221; I sent an official-looking email to the victim system with a link to my evil creation, then switched to the victim&#8217;s virtual machine and launched the link.<\/p>\n<p>Back on the attacker system, I immediately saw the victim show up in the Shark console. From that console I had virtually total control over the victim. I launched a DOS shell, viewed and changed Registry entries, tweaked files, launched programs, and manipulated services, all with simple commands from the console. I installed a keylogger, typed a little in the victim system, and verified that the keystrokes were captured.<\/p>\n<p>As a final act of simulated malice, I copied a virus to the victim&#8217;s system and launched it. Back on the victim system I ran the Trojanized antivirus, which functioned in detection-only mode. It found hundreds of infected files. That poor victim was completely and totally pwned.&#8221;<\/p><\/blockquote>\n<p>While this venture took place on a virtual machine on a virtual network and harmed no one, it made it apparent how easy it would be for any ordinary hacker or wannabe to go after any oblivious person or machine.<\/p>\n<p>Word to the wise:\u00a0 be careful what you click AND Get Your Antivirus Running!!!<\/p>\n<p>Read the entire article <a title=\"Cyber Crook For A Day!\" href=\"http:\/\/securitywatch.pcmag.com\/none\/301188-cyber-crook-for-a-day\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Neil J. Rubenking, taking over your computer remotely appears to be ridiculously easy, as long as you&#8217;re a bit gullible and don&#8217;t have any antivirus products.  
Apparently he&#8217;s done it, along with several other tech journalists, as part of a recent McAfee Consumer Journalist Day at McAfee Headquarters in Santa Clara.<\/p>\n<p>Each of the journalists was provided a laptop already running VMware virtual machines.  One VM represented the attacker and the other the victim, with no outside connection for safety&#8217;s sake.<\/p>\n<p>Starting with the installation of Shark Trojan, they got to work.  Shark Trojan bills itself as &#8220;an advanced reverse connecting, firewall bypassing remote administration tool,&#8221; and warns the user not to use it to do anything illegal.  This, and other similar tools, are available for prices that rarely exceed 2 figures.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,5,9],"tags":[18,21,25,29],"class_list":["post-51","post","type-post","status-publish","format-standard","hentry","category-general-and-non-specific-topics","category-security-2","category-all-things-geeky","tag-firewall","tag-hacking","tag-malware","tag-security"],"_links":{"self":[{"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/posts\/51","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/comments?post=51"}],"version-history":[{"count":0,"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/posts\/51\/revisions"}],"wp:attachment":[{"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/media?parent=51"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dshsolutions.co
m\/wordpress\/wp-json\/wp\/v2\/categories?post=51"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dshsolutions.com\/wordpress\/wp-json\/wp\/v2\/tags?post=51"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}