In this first of a 3-part video series and blog post, we show how a standard crimeware SDK like DarkComet can be used to build a custom RAT (or “Remote Administration Tool”) that easily evades standard AV yet provides total control of a target machine. DarkComet shot to fame (or infamy) as the tool of choice of Syrian government supporters for spying on the opposition movement. It’s a go-to tool for less technical hackers because, as we show in the video, its simple UI makes rolling your own malware a breeze even for a beginner. Better yet, DarkComet has extensive options for customizing the functionality and minimising the chances of blocking or detection by AV and other signature-based security solutions. In the example here we show the complete hack cycle, from creation of the malware dropper through compromise to retrieving any requested data from the target machine and network.
Bookmark our YouTube channel or add our blog to your RSS feed to get our subsequent posts where we’ll show ECAT detection and analysis.
Silicium Security has been acquired by EMC and is now part of RSA, The Security Division of EMC. Find more details here. The ECAT team is based in Quebec, Canada. For more information about ECAT Advanced Malware Detection, email us at firstname.lastname@example.org or get our full contact details here. You can stay updated by subscribing to our newsletter or our blog.