Jan sent us a nice trojan he found on a friend's defaced website. After 20 seconds, the defaced site will redirect users to the java applet which appears to implement a full featured bot. You should see a java security popup notifying you that the applet is signed by an "Unknown User". As always, do not click 'OK' but deny.
Given that it is written in Java, this bot could potentially work on different operating systems.
I will be teaching next: Intrusion Detection In-Depth - SANS London July 2019
Oct 13th 2006
1 decade ago