The pest was created in January 2001. You can find it in the internet under such name as Undetected 3.3. This hacker tool has a lot of dangerous abilities and was designed not only for virtual hooliganism, but also for spying on user, keylogging and stealing passwords and bank account numbers. The author is a hacker called Knox_rw.
From the publisher:
coded by knox_rw
*tested on W95,W98,WMe
NOTE:READ THE “DISCLAIMER” BEFORE USING “UNDETECTED”
-now the server IS INVISIBLE in any process viewer (this is
dedicated to the guys who know something about detecting a
backdoor in memory and as you know a backdoor once detected is
half removed) – harder to detect&remove
another big step in a lame trojan world
-added a new method of autostart in the server (unknown 2)
the size has been increased a little but you won’t regret that
Note: server’s filename must be 6 chars long(in case you want to rename it)
-added “get recorded passwords” function;the ideea was inspired from DeepT. and
Sub7 but it’s much better implemented in UDT server coz it steals ONLY and all the
passwords (under the “*” characters) not all the shit in the edit boxes like the
backdoors mentioned.Will steal DUN passwords,WinZip passwords,Network passwords,etc…
this function is still in beta testing
-added “get ras function” (connection name,user name,password,phone number)
-added online keylogger -little buggy coz it uses the same socket as the server
use lower or higher values than 10 (characters) depending on your connection
when you use it don’t do anything else (recommanded)
-fixed the windir problem in the “install” plugin function
now the plugin installation works fine – big fix
-fixed the capture.dll plugin (it works now for all resolutions – not only 800X600)
-fixed the bug with the DUN popup on some computers when the
server tries to send an ICQ notification (IE registry fix 🙂 coz I can’t find a damn way
to detect when the victim gets online)
-fixed some stuff at the file manager (now shows the directories first ,then the files)
-fixed the ICQ notification bug (not showing the port)
-fixed an ugly startup bug that could stop the server from running correctly – big fix!!!
-fixed the icon change feature (only for 766 bytes icons)
-the binder it’s now easier to use (to change the icon of the binded file
browse for it,select an icon by doubleclicking the icon picture then press
the “write icon” button)
-if your victim has a slower computer I recommand to use ONLY one
-if you want to test the server on your local machine edit
it first (remove the startup methods and edit the icq notification)
after testing it connect locally and press the “remove server” button
in “server options” to remove the autostart methods and all the registry keys.
LAME EMAILS LIKE “How to use it”,”How to remove it” … WILL BE DELETED.
SO DON’T BOTHER MAILING ME IF YOU WANT TO ASK THIS KIND OF QUESTIONS.
I WON’T RESPOND!!!
I writed a help file.Read it!
‘have phun and stay undetected
knox_rw – TDS CREW 2k01
Backdoor.TDS.SE.33 manual removal: