I'm praying for it to actually contain a keylogger so the script kiddies get self pwnd :p
Miscreants have created a point-and-click toolkit designed to make it easier to both create and distribute Trojans. The Trojan2Worm (T2W) toolkit turns any executable file into a worm with auto-spreading capabilities. As such it provides the ability for Trojan infection agents to acquire worm-like spreading abilities. The …
Virus and malware kits have been around for donkeys, I remember playing virus builder kits back around 1989. They are quite fun, especially when you start decompiling them to see what's happening inside. More than likely this is one of those ones put together using one of those AIO multimedia builder things. Usually by the time the kits are in the mainstream the AV companies have cataloged them to death, so the output is pretty much useless against popular AV vendors.
Nasty. Being boiled is too good for them. More cruft for s'kiddies to abuse Windows lusers. Article is thin on how the worm propagates. I'm guessing that a firewall will keep the bugger out and that it's intended as an email attachment that will run an internal (Windows) intranet ragged.
And how does a UFD infect your machine? Does Windows really autorun from UFDs? Or is this U3 or whatever nonsense? Will Microsoft never learn? Doesn't affect Linux of course.
Anyway, as ever the cure is get a real OS and install Linux.
And what are the odds that this "noob-friendly" tool quietly installs a rootkit on the unsuspecting scriptkiddy's PC for later exploitation? The user base of judgementally-challenged bozos who wouldn't think twice about running an "instant revenge kit" to wreak havoc on the PC of someone who wouldn't add them as a friend on MySpace must be huge.
I think the real question here is:
"If 0wning a PC is point and click, surely securing said PC should also be"
As for: "surely securing said PC should also be"
---> Looks like the "bad guys" work in teams, internetworking - when is the security industry going to do the same, and release similar tools for end users?
Is this not the proper way for such "SilverSurfers" to fight back?
Microsoft have had a utility that allows ANY executable to run unchallenged as a Win32 service for yonks.
How is this any different?
The author of this piece needs to actually learn some programming; like IT employment agencies need to actually employ “consultants” who actually know what the fuck they are slavering about before asking you dim-witted questions. A background in IT (or at least the ability to actually operate a computer beyond turning it on) would be a start.
...that it probably is more stable than MS's commercial software, more compatible, and more user friendly. I wonder if it has a listing in add/remove programs to be uninstalled? (probably it's stand-alone and doesn't need such crap) And another sad thing is that these are obviously talented (although criminal) guys, that will probably never hold a high-paying, "respectable" job, with opportunity for growth, like MS would provide if these guys could get their feet in the door. Instead, they'll cause much human misery out of bitterness, indifference, and the sheer lack of opportunity that life (and their own choices) has provided them. They'll probably erratically make a few thousand or tens of thousands of dollars off their malware kit before being shaken down and incarcerated, mostly because of their own idiot bravado, while less talented (but more emotionally mature and experienced) developers coast on making their way in the world. <sigh> All of life disgusts me today...
You don't often see that level of professionalism nowadays.
Multi-language support from the get-go.
Got to lurve reflection effect on the application title, quite daring in design.
And isn't a Panda an endangered species?
Quite a lot of stuff is coming out of Spain, at the mo, perhaps crackers prefer tans?
Of course everything is possible at the click of a button, if some poor sap has written all the code underneath :)
I am getting my cow hide coat and going out through the back orifice.
"A background in IT ...." ..... By Greg Fleming Posted Wednesday 18th June 2008 17:58 GMT
Bonded Gilt Territory, Mr Fleming, ..... at ITs Uppity Echelons? A Fore Grounding in Intelligence will always render Substance to Shared Vision.
One of Blighty's Mighty Invisible Exports? ...... Proxy Virtual Systems Support ..... AI Facilitation and AIMentoring. ...... or a Private Offering to the Markets for CyberIntelAIgents? ...... with nothing to hinder IT being at least all five and therefore probably infinitely scalable/adaptable.
"Of course everything is possible at the click of a button, if some poor sap has written all the code underneath :)" .... By Anonymous Coward Posted Thursday 19th June 2008 05:39 GMT
Those poor saps will never ever be poor again, AC....... and they will Know All About the Value of Wealth and what you do with IT.
This is a Low-Profiled Threat Notice for HTool-T2W
HTool-T2W has been deemed Low-Profiled due to media attention at the following link: http://www.theregister.co.uk/2008/06/18/trojan_worm_toolkit/
Read About It
Information about HTool-T2W is located on VIL at: http://vil.nai.com/vil/content/v_146248.htm
HTool-T2W was first discovered on June 25, 2008 and detection will be added to the 5325 dat files (Release Date: June 25, 2008).
Though we consider this a low threat, an EXTRA.DAT file may be downloaded via the McAfee AVERT Extra.dat Request Page: <https://www.webimmune.net/extra/getextra.aspx>
If you suspect you have HTool-T2W, please submit a sample to <http://www.webimmune.net>
Risk Assessment Definition
For further information on the Risk Assessment and Avert Labs Recommended Actions please see: <http://www.mcafee.com/us/threat_center/outbreaks/virus_library/risk_assessment.html>
For breaking security information from McAfee® Avert® Labs visit:
McAfee Avert Labs Blog
AudioParasitics - The Official PodCast of McAfee Avert Labs http://podcasts.mcafee.com/audioparasitics
Sign up for McAfee® Avert® Labs Security Advisories http://www.mcafee.com/us/threat_center/securityadvisory/signup.aspx