Author Topic: Why no info on hookbyter?  (Read 2194 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33668
  • malware fighter
Why no info on hookbyter?
« on: August 20, 2006, 10:22:33 PM »
Hello malware fighters,

Hookbyter zip contains a worm that is spread to damage the P2P-ing experience. Read here: http://www.governmentsecurity.org/archive/t11934.html

Funny is there is no removal or technical info on this intentional malware, some sites with translations go to erring pages or turn up a 404.

Luckily for us, avast protects against hookbyter. It is not a nice surprise to have it stealthily creep amids your download.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 47261
  • 62 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Why no info on hookbyter?
« Reply #1 on: August 20, 2006, 10:30:34 PM »
Maybe the date of this item (Oct 15 2004) has something to do with it???? ;D
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v21H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 22.5, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://

drhayden1

  • Guest
Re: Why no info on hookbyter?
« Reply #2 on: August 21, 2006, 01:26:29 AM »
bob...finally someone besides me posted an old article..no harm meant to you polonus,my friend,i've posted old articles twice so far-guess i'm not the only one on this forum that needs their eyes checked ;D :P ::)
« Last Edit: August 21, 2006, 01:35:04 AM by drhayden1 »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33668
  • malware fighter
Re: Why no info on hookbyter?
« Reply #3 on: August 21, 2006, 01:54:49 PM »
Hi bob and drhayden1,

Hookbyter isn't an old story, new version are to be found on websites as old as 2006, there are three versions, like the Kazaa rar or zip version, tested against the big three av solutions.

A user of this malware states: ...quote:
Hookbyter



This program will download your trojan from the web and open it without user knowing it!
it will also trick some firewaly by injecting in another trusted proces!
then it will check the txt file you uploaded to your web page and used the names that will find in that
txt to spread on all p2p programs(kazaa,ares,emule...)

if p2p spreading option is enabled,please be shore that you upload the list
with filenames you want it to spread like(mcafee,winrar.....)to your web page
and put the right url(that will point to your uploaded txt file with names)!!


I woud like to thanx to Alchemist,brainbuster and many others
for suporting me and giving me ideas.(:



The p2p spreading option is made by Alchemist (: THANX M8!


Bug fixes:
-crashing server when wrong url was entered in settings now is fixed.
-startup fixes...
-activce skin error is ok now!(ocx file missing error = FIXED!)

Ok now the downloader shoud work ok without problems ...but still if you find anything wrong please
let me know i woud realy aprishiate it,thanx

Flow





OPTIONS:
-injection(it will inject itself to another trusted program and trick some firewalls)
-melt server(the file will delete itself and start runing hiden in win or system directory)
-icon changer(god to use it with when p2p spreading enabled)
-download the file on certian date
-option to chouse where you want your exe to be downloaded(system,or windows dir)
-icq ip notifycation(ewry startup it will send you a ip number of a infected computer)
-camera detection(if this option is enabled it will only download if a computer has
a web cam)if you want only victims with web cams. (:
-p2p spreading(this will add a worm function to this downloader,it will spread your exe from computer
to computer using p2p) Unquote....

What do you think of malware intentionally promoted to shy people out of (legit) P2P-ing? it means there is a cyberwar fought out there, and you are not sure who is putting the crap online friend or foe alike?  Please comment...

polonus



Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!