Full Disclosure mailing list archives

RE: Rootkit For Spyware? Hide your adware from

From: James.Cupps () sappi com
Date: Thu, 23 Sep 2004 08:46:48 -0400

It depends on which kit they based it on. My guess is these guys weren't
good enough to do the coding themselves so they stole someone else's code.
Of course I can' t think of any rootkits under any kind of license so I
guess it isn't really stealing. Maybe the kits' authors should track these
bozo's down and ask for some compensation. They are probably good enough to
find them.

 

James Cupps
Information Security Officer



-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Darren Reed
Sent: Thursday, September 23, 2004 5:25 AM
To: Matt
Cc: GuidoZ; Will Image; full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Rootkit For Spyware? Hide your adware from

 

In some mail from Matt, sie said:


GuidoZ wrote:

Interesting indeed. Although, I imagine this was a spam email, and I
never believe (nor buy) anything from spam. I wondr how credible this
really is. If there was such a way to do what they claim, don't you
think it would have been big news?  >One would think you wouldn't first
hear about it through spam.

It is quite possible to hide processes, reg keys and files, and is often
done by various malware.


Are they capable of hiding from "ps" when using the posix shell from
"Windows Services for Unix" ?

Darren

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
<http://lists.netsys.com/full-disclosure-charter.html> 

This message may contain information which is private, privileged or
confidential and is intended solely for the use of the individual or entity
named in the message. If you are not the intended recipient of this message,
please notify the sender thereof and destroy / delete the message. Neither
the sender nor Sappi Limited (including its subsidiaries and associated
companies) shall incur any liability resulting directly or indirectly from
accessing any of the attached files which may contain a virus or the like.

Current thread:

RE: Rootkit For Spyware? Hide your adware from James . Cupps (Sep 23)
- RE: Rootkit For Spyware? Hide your adware from Harlan Carvey (Sep 23)
- <Possible follow-ups>
- RE: Rootkit For Spyware? Hide your adware from James . Cupps (Sep 23)
- RE: Rootkit For Spyware? Hide your adware from James . Cupps (Sep 23)
  - Re: Rootkit For Spyware? Hide your adware from gadgeteer (Sep 24)