In response to viasta:
I did some network scanning on my internal network (What can I say, im a troll all around) And noticed that I had 4 backdoor ports open:
XHX, Taskman, BlueIce 2000 and Mstream.
Are those the same RAT's you found on your system?
Im currently running a TCP dump watching those ports specifically and so far ive parsed my older log files and found no traffic to those ports to date and all attempts to telnet onto the ports reveal no information unlike other rats, but however, better safe than sorry. Let me know via PM in detail about what you found and we can compare findings. This might not be an isolated incident and if Outspark is putting peoples personal data at risk then the public needs to know.
__________________
Fiesta - Mindspank - Bijou - 103 Sharpshooter
Aion - Mindspank - Israphel - 65 Ranger
|