• Re: polymorphic viral engines

    From Ogg@700:100/16 to poindexter FORTRAN on Sun May 19 21:20:00 2024
    Hello p.F!

    ** On Wednesday 08.05.24 - 09:54, poindexter.FORTRAN wrote to warmfuzzy:

    A good read about the group responsible for Back Orifice is
    "Cult of the Dead Cow: How the Original Hacking Supergroup
    Might Just Save the World" by Joseph Menn. I worked with a
    cDc member back in the '90s, and still have a bunch of "owned
    by cDc" stickers.

    Another book on hacking culture:

    The Ransomware Hunting Team: A Band of Misfits' Improbable
    Crusade to Save the World from Cybercrime | Paperback

    Renee Dudley | Daniel Golden

    Picador
    True Crime / Cybercrime / Computers / Security - Viruses & Malware / Law / Forensic Science

    Published Oct 24, 2023

    9781250872609
    --- SBBSecho 3.20-Linux
    * Origin: End Of The Line BBS - endofthelinebbs.com (700:100/16)
  • From warmfuzzy@700:100/37 to all on Tue May 7 17:36:11 2024
    There used to be a popular remote access trojan called Back Orifice. It works exceptionally well and could totally root a Windows box. The problem was that it got its malware signature in every anti-malware suite out there. But there has come to light a solution to that problem. Enter the "polymorphic malware engine." These are state-of-the-art re-coding software kits. They basically get the idea of what the software does and use different code to have the malware do the same thing. In short form the program is identical to its original malware, but using different code to accomplish the same task.

    Back to Back Orifice, it had its executable code (in .exe form) used in one of the polymorphic engines and was able to do exactly what it did in its original form but without having any known malware signature that could be detected by any anti-viral suites. It's an intriguing use of getting something done, producing the same result, but using different code to accomplish the same task.

    In amazement
    -warmfuzzy

    --- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
    * Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (700:100/37)
  • From poindexter FORTRAN@700:100/20 to warmfuzzy on Wed May 8 06:54:34 2024
    Re: polymorphic viral engines
    By: warmfuzzy to all on Tue May 07 2024 05:36 pm

    There used to be a popular remote access trojan called Back Orifice. It works exceptionally well and could totally root a Windows box. The problem was that it got its malware signature in every anti-malware suite out there.

    A good read about the group responsible for Back Orifice is "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World" by Joseph Menn. I worked with a cDc member back in the '90s, and still have a bunch of "owned by cDc" stickers.


    _ _
    ((___))
    [ x x ]
    \ /
    (' ')
    (U)
    --- SBBSecho 3.20-Win32
    * Origin: realitycheckBBS.org -- information is power. (700:100/20)