You have probably heard that you should never run a .exe file unless you are sure of the authenticity of the person who sent it to you. The reason is that Trojans, keyloggers, spyware and adware use the .exe format by default.
So do you think you are completely safe when you run untrusted MP3 or JPEG files?
The answer is no, because you never know which format a virus will arrive in. It can take any format: it could be a JPEG, it could be an MP3, it could be almost any format. In this article I will tell you how hackers hide keyloggers, Trojans and other harmful viruses in other files.
What is a Binder?
A binder is software used to bind, or combine, two or more files under one name and extension. The files to be bound can have any extension or icon; it is all up to you, and you choose the name, icon and various attributes of the bound file. Bound files are even worse when they are crypted, because BinText will not be able to find the hidden content, and a crypted file can also bypass antivirus detection, in which case you are almost guaranteed to be infected.
Popular Binders
Here are some of the popular binders used by hackers to hide keyloggers and Trojans:
Simple Binder
Simple Binder is one of my favorite binders of all time. I give a thumbs up to the maker, "Nathan". It's so easy to use that even a script kiddie can easily use it to bind keyloggers or backdoors with other files.
Weekend Binder
Weekend Binder can be used to bind two or more files under one extension and icon. If the bound file contains an application, the application also runs along with the actual bound files.
How to detect crypted bound files?
As I said before, if a Trojan or keylogger is bound with a file and crypted in order to bypass antivirus detection, it is very difficult to detect. However, there is a great piece of software called Resource Hacker which is really effective when it comes to keylogger protection: it detects whether a file is bound or not.
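A static triage check for the two situations described in this article, written as an added example (it is not code from the original post, and it is not how Resource Hacker or BinText work). It assumes the file is a Windows PE whose extra content is either appended after the last section (an overlay) or stored as a second, unencrypted PE image; the finding labels and `sample_pe` are hypothetical names, and the sample is a constructed, non-executable header skeleton.

```python
import struct

MEDIA_EXT = (".jpg", ".jpeg", ".mp3")  # media formats the article mentions

def pe_header_at(data, off):
    """Return the COFF header offset if a PE image starts at `off`, else None."""
    if data[off:off + 2] != b"MZ" or off + 0x40 > len(data):
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, off + 0x3C)
    sig = off + e_lfanew
    return sig + 4 if data[sig:sig + 4] == b"PE\0\0" else None

def end_of_image(data, coff):
    """End of the last section's raw data; bytes past this point are overlay."""
    nsec, opt_size = struct.unpack_from("<H12xH", data, coff + 2)
    table = coff + 20 + opt_size
    end = table + 40 * nsec
    for i in range(nsec):
        raw_size, raw_ptr = struct.unpack_from("<II", data, table + 40 * i + 16)
        end = max(end, raw_ptr + raw_size)
    return end

def triage(name, data):
    """Return a list of findings for one file (empty list: not a PE at all)."""
    coff = pe_header_at(data, 0)
    if coff is None:
        return []
    findings = []
    if name.lower().endswith(MEDIA_EXT):
        findings.append("extension-mismatch")   # executable named like media
    try:
        overlay = len(data) - end_of_image(data, coff)
    except struct.error:
        return findings + ["truncated-headers"]
    if overlay > 0:
        findings.append(f"overlay:{overlay}")    # data appended after the image
    pos = data.find(b"MZ", 1)
    while pos != -1:                             # second PE image inside the file
        if pe_header_at(data, pos) is not None:
            findings.append(f"embedded-pe@{pos}")
        pos = data.find(b"MZ", pos + 1)
    return findings

def sample_pe():
    """Constructed PE skeleton: DOS + COFF headers and one 16-byte section."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".text\0\0\0" + struct.pack("<IIIIIIHHI", 16, 0x1000, 16, 128, 0, 0, 0, 0, 0)
    return dos + b"PE\0\0" + coff + sect + bytes(16)
```

A crypted payload will not show up as `embedded-pe`, but an appended one still produces an `overlay` finding. Legitimate installers and self-extracting archives also carry overlays, so treat a finding as a reason to inspect the file further rather than as a verdict.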
Saturday, November 27, 2010