Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Blogs
    • Security Watch

    Anonymous Member Plans Open Source Malware, Automated Tools

    By
    Fahmida Y. Rashid
    -
    August 2, 2011
    Share
    Facebook
    Twitter
    Linkedin

      Businesses often time big product announcements just before a big technology trade show, so why should hacktivist collective Anonymous be any different?

      A few days before the annual hacker conference Black Hat and DEFcon began in Las Vegas, a solitary developer who claim to be a member of the loose-knit group posted some code for open source malware tools on the text-sharing site PasteBin. The July 31 post discussed a development framework to develop malware, a new version of the distributed denial of service attack tool used by Anonymous and a set of tools to automate breaking into targeted systems.

      The developer, under the name OpenDev, updated the Low Orbit Ion Cannon software used to launch distributed denial-of-service attacks and will make it available to its “members” in September. This version of LOIC, which allows users to simultaneously launch attacks against a designated target, has been renamed to #RefRef.

      The new JavaScript tool is designed to use a target’s own computing power to help bring it down in a method called resource exhaustion. The previous version of LOIC caused servers to crash by drowning the server with a flood of page requests.

      Attacks are launched from the client-side by sending a script along with a normal server to the targeted server.

      #RefRef is supposed to hide the attacker’s identity better and to be able to run from any device that supports JavaScript, such as mobile devices and gaming consoles. LOIC doesn’t hide IP addresses or hide any information, which has helped law enforcement authorities arrest a number of people recently for participating in past Anonymous DDoS operations.

      OpenDev also will be releasing AnonWare, a framework for malware development written in C#. The malicious tool automates some of the virus-writing process to make it easier for beginners to get started and more efficient for experience writers, The TechHerald reported. It can be configured for Windows XP, Windows Vista and Windows 7.

      “Ultimately, I would love for it to become the de-facto standard for open source viruses…really hoping that people start sending in code improvements so that AnonWare can begin to reach this goal,” OpenDev said in an interview with the publication.

      The code snippets pasted on PasteBin is not malicious on its own, but the comments indicate how a developer can use the skeleton to create a malicious software.

      “Welcome to a new age of malware…one where AV software can’t pick out the latest tweaks of malware…one where the malware is open source and always changing, improving, evading,” according to the PasteBin post.

      A Sophos threat researcher told the TechHerald that AnonWare was “an unimpressive, amateurish ad-hoc C# compiler that doesn’t do much of anything for anyone they couldn’t do with a different compiler.”

      Finally, OpenDev released an “auto-hacking” app called winAUTOPWN that bundles more than 500 exploits for known security flaws in commercial software, executables to run the exploits, a multi-threaded PortScanner and an exploit loading framework. The bundle is designed to be used to crack a target in an automated manner, which will leave fewer tracks and minimize the risks of getting caught.

      Avatar
      Fahmida Y. Rashid

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×