Sub7

Sub7 or SubSeven is the name of a popular backdoor. It is mainly used by the so-called. script kiddies - inexperienced crackers for damage, such as hiding the cursor, changing system settings or loading pornographic pages. However, it can be used for more serious criminal activities such as stealing credit card data through a keylogger. The name of this program was created by reversing the word NetBus → ("suBteN") and changing "this" to "seven".

Sub7 is usually stopped by anti-virus or firewall software, and thanks to the built-in features of operating systems, it does not pose a major security risk. However, if it is packed in eg zip archive, some older antiviruses may not detect it (newer antivirus can browse archives, so it is not a threat to them).

The author of this software is Mobman (his place of residence and other details are unknown). This project has not been updated for several years, just like its website (the last modification is dated April 6, 2004).

Like any backdoor program, Sub7 is available in two versions: server and client. To perform the attack, you must encourage the victim to install the server version on his or her computer (this is necessary to attack). A client is a graphical interface program that script kiddie runs on his computer to take control of the victim. Sub7 allows crackers to set a password on the server, so the theoretically acquired machine will not be able to take over another cracker.

Older versions of Sub7 (server version) have a master password, allowing anyone who knows the password to take control of the system. In some versions, the password was: 14438136782715101980, but this property was removed.

Some versions of the client included the Hard Drive Killer Pro code, which aims to destroy the Mobman disk. He checks if ICQ is installed on the computer and if the account number matches (7889118, Seana Hamilton's ICQ number, the author of the competing Trojan) destroys the hard drive.

wiki