Honeypots mailing list archives
Re: RATs in our Honeypot
From: "Mark Ryan del Moral Talabis" <talabis () gmail com>
Date: Tue, 11 Apr 2006 09:14:23 +0800
Dear all, It seems that the malware "toolkit" website that I mentioned in my previous post has been taken down. For you guys that sent me emails for a copy of the malwares, you can download it at: http://www.philippinehoneynet.org/downloads/malware_samples.zip Password: infected Cheers! Ryan Talabis Philippine Honeynet Project http://www.philippinehoneynet.org Mark Ryan del Moral Talabis wrote:
RATs in our Honeypot We caught a hacker in our honeynet trying to download his "tools" into one of our honeypots. We decided to look into it and study the tools he is using. We started by tracing where his "toolkit" was located. The "toolkit" consisted of different flavors of malware: - Remote Administration Tools (RAT) and Backdoors(IRC) - Password Stealers - File Infectors - Network tools (scanners) - various Spywares Full analysis and malware samples: http://www.philippinehoneynet.org/data.php Cheers! Ryan Talabis Philippine Honeynet Project http://www.philippinehoneynet.org
Current thread:
- RATs in our Honeypot Mark Ryan del Moral Talabis (Apr 10)
- Message not available
- Re: RATs in our Honeypot Mark Ryan del Moral Talabis (Apr 10)
- Message not available
- <Possible follow-ups>
- Re: RATs in our Honeypot Stefan Kelm (Apr 12)