Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 REMOTE CONTROL SYSTEM V7 www.hackingteam.it. 2 Introduction.

Published byAntony Greer Modified over 9 years ago

Similar presentations

Presentation on theme: "1 REMOTE CONTROL SYSTEM V7 www.hackingteam.it. 2 Introduction."— Presentation transcript:

1 1 REMOTE CONTROL SYSTEM V7 www.hackingteam.it

2 2 Introduction

3 © Hacking Team All Rights Reserved 3 System Architecture

4 4 Backdoor Functionalities (PC & Mobile)

5 © Hacking Team All Rights Reserved 5 PC Version Monitoring and Logging Remote Control System can monitor and log any action performed by means of a personal computer Accessed URLs Accessed documents Keystrokes Printed documents Chat, e-mail, contacts, instant messaging Remote Audio Spy Localization (wifi) Camera snapshots VoIP (Skype, MSN, etc.) conversations FileSystem browsing

6 © Hacking Team All Rights Reserved 6 © Hacking Team All Rights Reserved 6 © Hacking Team All Rights Reserved 6 PC Version Online Captured data transmission Connects through the internet to the collection node Collection nodes can be hidden behind an anonymizing chain Works both in home and enterprise environments Network Firewalls (passed through) Web Proxies (passed through) Domain credentials (stolen)

7 © Hacking Team All Rights Reserved 7 © Hacking Team All Rights Reserved 7 © Hacking Team All Rights Reserved 7 PC Version Offline data retrieving No internet connection required Data can be exported in an encrypted format to any external device (eg: USB dongle) Data can later be imported into the database

8 PC architectures Windows XP/Vista/2003/2008/7 (32/64bit) Mac OS X Linux (Q2 2011) © Hacking Team All Rights Reserved 8

9 © Hacking Team All Rights Reserved 9 © Hacking Team All Rights Reserved 9 © Hacking Team All Rights Reserved 9 Remote Control System can monitor and log any action performed by means of a smartphone Call history Address book Calendar Email messages SMS/MMS interception Localization (cell signal info, GPS info, wifi) Remote Audio Spy Camera snapshots Voice calls interception … Mobile Version Monitoring and Logging

10 © Hacking Team All Rights Reserved 10 © Hacking Team All Rights Reserved 10 © Hacking Team All Rights Reserved 10 Mobile Version Online Captured data transmission Connection via GPRS/UMTS/3G to the Collection Node Configurable custom APNs Connection through any open/preconfigured WiFi network to the Collection Node Automatic APs detection Connection via BlueTooth/WiFi to the Mobile Mediation Node (data can later be sent to the database)

11 © Hacking Team All Rights Reserved 11 © Hacking Team All Rights Reserved 11 © Hacking Team All Rights Reserved 11 Mobile Version Mediation Node Useful if the target cannot access any WiFi or 3G/GPRS Network

12 © Hacking Team All Rights Reserved 12 Mobile Configuration As for the PC version, Remote Control System for Mobile devices can be re-configured after each synchronization...... And ‘on the fly’: ► Control SMS: messages sent from a pre-configured phone number can be used to control the backdoor. ► Control SMS are completely invisible to the user and they leave no trace on the phone.

13 © Hacking Team All Rights Reserved 13 Mobile architectures Windows Mobile 6 6.5 iPhone OS 2 4 Symbian S60 3 rd edition BlackBerry OS >= 4.5 Android (Q1 2011)

14 14 System features

15 © Hacking Team All Rights Reserved 15 Invisibility After the installation, Remote Control System cannot be detected by any infected user Existing files are not modified No new files appear on the computer’s hard disk No new processes are executed No new network connections are established Antivirus, antispyware, anti-key-loggers cannot detect our bug ► E.g. Gartner Endpoint Security Magic Quadrant

16 © Hacking Team All Rights Reserved 16 Flexibility Goes beyond logging and monitoring Has a real-time alerting system Allows performing actions on an infected device ► Search and view data on the hard disk ► Execute commands remotely ► Possibly modify hard disk contents ► Inner logic for automated response (No human interaction required)

17 © Hacking Team All Rights Reserved 17 Inner Logic (1) It is based on an Event/Action paradigm ► Events: On ScreenSaver Time based On SMS reception On GPS position... ► Actions: Synchronize Uninstall Start/Stop Agent Send SMS Execute command

18 © Hacking Team All Rights Reserved 18 Inner Logic (2) Some examples... Screen saver starts -> Send data SIM changes -> Send SMS with SIM information Received Covert SMS -> Send SMS with GPS position On GPS position -> Start the Microphone capture and Send SMS with GPS position Incoming/outgoing call -> Make a camera snapshot

19 19 Infection

20 © Hacking Team All Rights Reserved 20 Attack/Infection vectors Remote Control System is software, not a physical device Which can be installed remotely ► Computer can be bugged by means of several infection vectors ► Intelligence information about remote target mandatory … but local installation remains an option ► Usually very effective

21 PC Installation (1) Remote infection vectors Executable melting tool Injection Proxy HT Zero-day Exploits portal © Hacking Team All Rights Reserved 21

22 PC Installation (2) Local infection vectors Bootable CDROM or USB pen drive Direct hard disk infection by means of tampering with computer case HT consultancy Anonymous attack scenario analysis ► E.g., Internet Café using DeepFreeze © Hacking Team All Rights Reserved 22

23 © Hacking Team All Rights Reserved 23 Mobile Installation Local Infection: Memory Card Through an infected PC ► when connected for synchronization/recharging Remote Infection: CAB/SIS/COD Melting Special crafted SMS (WAP Push)

24 24 Demo time!

25 25 Q&A

Download ppt "1 REMOTE CONTROL SYSTEM V7 www.hackingteam.it. 2 Introduction."

Similar presentations

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA www.in-arg.com MESH VOIP.

Voice and Data Encryption over mobile networks July 2012 IN-NOVA TECNOLOGIC IN-ARG SA MESH VOIP.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Objectives Overview Define an operating system

Objectives Overview Define an operating system
Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software, 2000-2010 2010.

Advanced Techniques in Forensic Examination of Smartphones (C) Oxygen Software,
V1.00 © 2009 Research In Motion Limited Introduction to BlackBerry Smartphone Web Development—The BlackBerry Infrastructure Trainer name Date.

V1.00 © 2009 Research In Motion Limited Introduction to BlackBerry Smartphone Web Development—The BlackBerry Infrastructure Trainer name Date.
Trojan Horse Program Presented by : Lori Agrawal.

Trojan Horse Program Presented by : Lori Agrawal.
1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 5 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
CMPTR1 CHAPTER 3 COMPUTER SOFTWARE Application Software – The programs/software/apps that we run to do things like word processing, web browsing, and games.

CMPTR1 CHAPTER 3 COMPUTER SOFTWARE Application Software – The programs/software/apps that we run to do things like word processing, web browsing, and games.
Kerio Connect 7.1 More Than Just a Mail Server

Kerio Connect 7.1 More Than Just a Mail Server
SmartPhones Student 1 Student 2 Student 3. SmartPhone Definition “A SmartPhone is one device that can take care of all your handheld computing and communication.

SmartPhones Student 1 Student 2 Student 3. SmartPhone Definition “A SmartPhone is one device that can take care of all your handheld computing and communication.
OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.

OPERATING SYSTEMS AND SYSTEMS SOFTWARE. SYSTEMS SOFTWARE Systems software consists of the programs that control the operations of the computer and its.
Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)

Windows XP Professional Deployment and Support Microsoft IT Shares Its Experiences Published: May 2002 (Revised October 2004)
Advanced Techniques in Forensic Examination of Smartphones 2012 (C) Oxygen Software, 2000-2012

Advanced Techniques in Forensic Examination of Smartphones 2012 (C) Oxygen Software,
IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.

IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.
Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.

Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.
eScan Total Security Suite with Cloud Security

eScan Total Security Suite with Cloud Security
Technology Coordinators Training. Confidential Copyright © 2007 Pearson Education, Inc. and/or one or more of its direct or indirect affiliates. All rights.

Technology Coordinators Training. Confidential Copyright © 2007 Pearson Education, Inc. and/or one or more of its direct or indirect affiliates. All rights.
1 Outlook Lesson 1 Outlook Basics and E-Mail Microsoft Office 2010 Introductory Pasewark & Pasewark.

1 Outlook Lesson 1 Outlook Basics and Microsoft Office 2010 Introductory Pasewark & Pasewark.
SOFTWARE.

SOFTWARE.
TRUSTPORT PRODUCT PORTFOLIO Marcela Parolkova Sales Director.

TRUSTPORT PRODUCT PORTFOLIO Marcela Parolkova Sales Director.

Similar presentations

Ads by Google