Custom Trojan Creation Tool Sold Online

Finch writes "Net Security.org is reporting on the surprisingly sophisticated 'virus in a can' software called Pinch. Pinch is a tool sold on several online forums and designed to create Trojans. It allows attackers to specify the data that Trojans steal. One of the interface tabs, PWD, allows malicious users to select the type of password to be stolen by the Trojan: from email passwords to passwords kept by the system tools. It is possible to order the Trojan to encrypt this data when sending it, so that nobody else can read it. 'Pinch also lets users carry out other actions: turn infected computers into zombie computers, pack Trojans to make detection more difficult, and kill certain system processes, particularly those of security solutions.'"

That sounds like fun

[Anonymous+Crowhead]

How much is it and where can I buy it? For, uh, research purposes.

Re:That sounds like fun

[Electrum]

I know you're joking, but what sort of fool would trust the seller with their own CC#?

Why does the card holder care? Your liability is limited to $50 by law, or zero by many card issuers. Merchants are the ones who lose with fraud, not the card holders or the credit card companies. In fact, the card company profits from fraud by hitting the merchant with a charge back fee in addition to reversing the transaction.

nothing special

[sub7]

they were distributing trojans like this in the 1990s... sub7 anyone? ;)

Re:nothing special

[KillerCow]

Or the venerable Virus Creation Laboratory, ala '92.

Nothing New

[KermodeBear]

There is nothing new here.

I remember back in my script kiddie days I was able to download programs that would put together a trojan or virus together from the various options the user selected. Press a button and viola! It generated an executable. This was ten years ago.

What's so new here? That fact that someone is commercializing it?

Well, good. If you have to shell out cash at least it will keep my 16 year old self from downloading it and causing annoyances.

Re:Nothing New

Yeah, Sub7 was great. I thought the most entertaining feature was being able to quickly and easily set the user's desktop wallpaper image. It didn't take long to sniff just enough of the Sub7 protocol to be able to develop a tool that would a) scan huge swath of netspace for Sub7 b) login c) download a .jpg d) set wallpaper. A lot of people back in the late 90s woke up to find that overnight, their wallpaper had changed to a photo involving a cucumber and a very hairy receptacle.

Being able to pop custom modals was pretty fun, too. "ERROR: Insert penis into CD-ROM drive to continue operation! [OK]," followed by the CD tray immediately ejecting itself, probably freaked a few people out.

Oh, to be young again, those were the days...!

After all those

[rrohbeck]

"1NCRE@SE Y0UR PEN1S S1ZE 25% 1N 2 WEEKS!" programs I definitely need custom Trojans.

Only 10 years? How about 1992?

[khasim]

http://vx.netlux.org/vx.php?id=tv03
I still remember the password was chiba city.

well you're obviously not the intended market

[JeanBaptiste]

anyone who would use one of these would likely download a pirated version.

Re:well you're obviously not the intended market

[morari]

Which is, itself, a Trojan...

Re:well you're obviously not the intended market

[X0563511]

Please stand by as space-time folds in upon itself.

Aww yeah! Custom Trojan Creation Tool! Giggety!

[Greyfox]

I'm going to design mine with the ribs on the inside! For my pleasure! Aww yeah!

Re:Scary stuff to be sure

[realmolo]

Eh. Trojans/rootkits/viruses built form these "kits" tend to all be very similar. Essentially, if you defend against one, you're defended against all the others.

Never mind the fact that it's a fucking KIT. If YOU can download it, so can the anti-virus people in order to figure out how to detect viruses made with it.

The interesting thing about modern viruses/trojans/whatever is that very few of them are really *viruses* anymore. They rely almost completely on simply getting a user to manually run (or at least give permission to the system to run) an obfuscated executable. It's sad that the technique is so successful.

Re:Torrent?

[Havenwar]

Oh, actually a search for "pinch" on emule turns up quite a plethora of results... although once you've sorted out the porn and downloaded a few exe files (yes I know, for most geeks this is the exact reverse of the normal process), for some odd reason antivirus warnings start to pop up... apparently two out of three pinch downloads was infected with "Win32/PSW.LdPinch.P4 trojan" and the third with some other crap that I forgot to write down.

You can almost see the scriptkiddies sitting there with their brand new trojan going... "hmm, now if only I had some program to trick people into downloading... something I could merge my trojan with to start off my botfarm. Something I could put on fasttrack, and maybe emule... something idiots would download and run even if their antivirus goes off. Hey wait a minute, I'm an idiot and I just ran pinch even though 'norton' told me it was bad for me!"

Re:Torrent?

[PCM2]

apparently two out of three pinch downloads was infected with "Win32/PSW.LdPinch.P4 trojan"

Did you stop to think that maybe the construction set was identified as a Trojan because it ... you know ... contained the code for a Trojan? As in ... if it tripped your antivirus then you probably had the right one.