Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
New SubSeven Trojan unleashed
Kevin Poulsen, SecurityFocus 2001-03-13

SubSeven 2.2 makes Back Orifice look tame.

Comments Mode:
You are not 'safe' 2001-03-13
Anonymous
Behind of firewall. 2001-03-13
marceloreyes (at) netscape (dot) net [email concealed] (3 replies)
Behind of firewall. 2001-03-14
Someone (2 replies)
Behind of firewall. 2001-03-15
youps (at) hotmail (dot) com [email concealed] (1 replies)
Behind of firewall. 2001-03-16
mailsander (at) gmx.net (dot) no-s [email concealed]pam (1 replies)
Behind of firewall. 2001-03-16
Futien
Behind of firewall. 2001-03-25
Metallist
Behind of firewall. 2001-03-22
Karmic Resonance
Re: Behind of firewall. 2007-04-20
Anonymous
Safe? 2001-03-14
FS
Subseven is also an excellent legimate RAT... 2001-03-14
SilenceGold
Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
David Mills (1 replies)
Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-14
SilenceGold (2 replies)
MASTER PASSWORD? 2001-03-15
Concerned (1 replies)
MASTER PASSWORD? 2001-03-16
CL
RE: Subseven 2.2 IS NOT A REMOTE ADMINISTRATION TOOL!!! 2001-03-16
CL
not safe 2001-03-15
av
Subseven Startup 2001-03-15
Dark Avenue (4 replies)
Subseven Startup 2001-03-16
cPtHoWdY
Subseven Startup 2001-03-17
Anonymous
Subseven Startup 2001-03-22
dan
Subseven Startup 2001-03-22
Karmic Resonance
Norton found 2.2 in 2.1 download??? 2001-03-15
RT
You appear a little confused. 2001-03-16
HeLLfiReZ Sub7 Developer
I think I got hit by it... tips for other victims. 2001-03-16
kilonad (at) hotmail (dot) com [email concealed]
PLEASE stop referring to sub7 as if it were masterfully coded 2001-03-16
skweek
however.. 2001-03-18
ahmed rhashad muhammed aleki
Using Sub7 legitimatly 2001-03-19
dafunks (1 replies)
Re: Using Sub7 legitimatly 2007-06-19
Anonymous
sub seven is tame 2001-03-20
The Achtzhen
the program just makes a random exe file into the windows directory (e.g. axis.exe) and on the win.ini file (which can be run on the notepad) and on the 5th line of it puts this:

windows]

skipmouseredetect=0

NullPort=None

device=x.

run=axis.exe <-----

you just delete the exe file specified on the win.ini file and the axis.exe besides run= and you can free your computer from the active subseven server.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/171/5064#5064
Sub7 2001-03-21
surferUSA
SubSeven is the Powerhouse. 2001-03-21
C Y B E R C O N







 

Privacy Statement
Copyright 2009, SecurityFocus