Security experts have warned of a new release of the infamous SubSeven backdoor program, just hours after the appearance of a new version of the program that spawned the Kournikova virus.
Late yesterday, security professionals were warning of the increased risk of virus activity that could be brought on by version 2 of the Visual Basic Script Worm Generator. Today, version 2.2 of the SubSeven hacking tool made an appearance.
Security firm Internet Security Systems (ISS) said that the new version makes it much easier for "a malicious user to access your computer system without your knowledge or consent". The company also warned that an attacker could use this backdoor as a remote control and carry out activities as a local user.
ISS said SubSeven is a powerful backdoor program, mostly used against Windows systems. It allows an attacker to retrieve saved and cached passwords, modify the system registry, and upload, download and delete files from a system.
The new version also features SOCKS4/SOCKS5 Proxy Support, which enables an attacker to disguise their identity by connecting from an alternate IP address.
SubSeven also includes a packet sniffer that collects network traffic, such as passwords, and has the ability to connect to a random port every time it is started, making it harder to detect.
SubSeven 2.2 has expanded its notification capabilities, letting the intruder know that a machine is infected through IRC (internet relay chat), ICQ and email as well as being able to log keystrokes and send them via email.
One of the more dangerous capabilities, as pointed out by ISS, is its ability to use common gateway interface scripts, effectively allowing the program to be used as a denial of service tool.
Hackers can trade the IP addresses of infected machines and then use a number of them in a co-ordinated attack on another server.
Traditional theories debunked by new study
Scientists closer to developing material capable of splitting water for better storage of solar energy
Experiments needed to see if the material works in the real world
Developers first in the queue to test TensorRT and TensorFlow integration tools running on Nvidia GPUs
Wikileaks Vault 7 suspect Joshua Schulte fingered by FBI after re-using smartphone passwords on his PCs
Joshua Schulte indicted on 13 counts relating to Vault 7 leaks and trading in images of child abuse