Beast (Trojan horse) explained

Beast
Developer:Tataye
Operating System:Microsoft Windows
Latest Release Version:2.07
Latest Release Date:August 3, 2004
Discontinued:yes
Genre:
License:Freeware

Beast is a Windows-based backdoor trojan horse, more commonly known in the hacking community as a Remote Administration Tool or a "RAT". It is capable of infecting versions of Windows from 95 to XP.[1] Written in Delphi and released first by its author Tataye in 2002,[2] it became quite popular due to its unique features. It used the typical client–server model where the client would be under operation by the attacker and the server is what would infect the victim. Beast was one of the first trojans to feature a reverse connection to its victims, and once established it gave the attacker complete control over the infected computer.[2] [3] The virus would be harmless until opened. When opened, the virus would use the code injection method to inject itself into other applications.[4]

On a machine running Windows XP, removal of three files (“explorer.exe” (Windows Explorer), “iexplore.exe” (Internet Explorer), or “msnmsgr.exe” (MSN Messenger)) in safe mode with system restore turned off would disinfect the system.[5]

Usage

The default ports used for the direct and reverse connections were 6666 and 9999 respectively, though the attacker had the option of changing these. Beast came with a built-in firewall bypasser and had the ability of terminating some Anti-Virus or firewall processes. It also came with a file binder that could be used to join two or more files together into one executable.

See also

Notes and References

  1. Web site: Beast . 22 April 2014 . 7 January 2019 . Bailey.
  2. Web site: Ultimate List of Top 25 Dangerous Computer Viruses of All Time. Tech Tricks World. Atish. Ranjan. 15 December 2013. 17 January 2016.
  3. Web site: Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade. SC Magazine. Derek. Manky. 15 November 2010. 17 January 2016.
  4. Web site: How Does Code Injection Work? . 3 September 2018 . 7 January 2019 . Afam Onyimadu.
  5. Molotkov. S. N.. 2019-12-23. Trojan Horse Attacks, Decoy State Method, and Side Channels of Information Leakage in Quantum Cryptography. Journal of Experimental and Theoretical Physics. 130. 6. 809–832. 10.1134/s1063776120050064. 225862134 . 1063-7761.