So, like always, I've been looking on the interwebz for some nice binders etc., to make undetectable keyloggers and so on.
Found a guy on YouTube who had one with only 2/46, so I thought I'll give it a try. It was suspicious, since nothing happened after starting it, so I knew something was wrong. Wireshark-->
Obviously, system recovery, change all passwords, and scan. Fine, seems like gone. However, i wonder if it cant be retraced, This smtp shit somehow makes a login to the email address, logs in, and sends a mail to himself, so somewhere, the passwords must be there too. Any ideas how to pwn this faggot?
If u need the files:
http://www64.zippyshare.com/v/36934011/file.html
http://www57.zippyshare.com/v/32753232/file.html
Both are viruses made by him. I think the second one is the 2/46, the other one has like 26/43 (VirusTotal). Any ideas appreciated.
Lessons learned: Enough is enough, from now on I'll only compile shit from source. Or virtual machine, but I'm lazy.
Retrace the hacker
Re: Retrace the hacker
Ok, I managed to trace him back, and deleted everything I found. Facebook, Yahoo, etc.
Happy Easter...
- Sethioz
Re: Retrace the hacker
LOL, he actually had the password in the tool? What an idiot ...
I would use SMTP or another email to email .. so if someone does reverse engineer it, then they would get my fake email and nothing else.
Shouldn't this be in owned section?
Re: Retrace the hacker
He had both a password on the tool and a password on the SMTP email. However, his fake email was linked to his real Gmail and Facebook.
Also, u can move it there, but at the time I was creating the thread, I did not know if it is possible to track it back, but it seems it is :P