Lost+Found: A Trojan cracker, a brute force blockade and Bollywood
Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar this week. In this edition: a Trojan cracker, a brute force blockade to protect Windows Server, a zero-day gang's fingerprints, testing EMET, Bollywood's answer to Hackers, and Hack.me.
- The payload for the Gauss Trojan, which seems to have been developed by pros, has still not been completely decrypted. Anyone interested in helping crack the Trojan now has another tool at their disposal: a special, GPU-accelerated version of the Hashcat cracking tool that has been refined for this particular purpose.
- A PowerShell script from developer Dong Xie ensures that uninvited guests who try to get access to a Windows server using brute force are put on Windows Firewall's blacklist after a few failed attempts.
- According to anti-virus company Symantec, the developers of the 0day exploit for Internet Explorer that appeared just before Christmas are not first-time perpetrators. The Flash file used for the heap spraying process apparently features the signature of the Elderwood gang, who discovered and took advantage of three other 0days in IE and XML Core Services last year.
- Microsoft's EMET mitigation tool has been put to the test by the Internet Storm Center. The tool blocked the current 0day exploit for Internet Explorer even when basic functions like heap spraying protection were disabled.
- There are countless Hollywood movies about hackers; now, a Bollywood production will join their ranks. Mickey Virus is set to be released in May.
- At Hack.me, users can test their security expertise with vulnerable web applications. They can also use a web-based IDE for PHP and MySQL to create Hackme tasks for other users.
(djwm)