Understanding the Impact of the 2002 Beast Trojan Virus


Understanding the Growth and Impact of the Beast Trojan



Early beginnings of the virus in 2002

The Beast Trojan is well known for hiding the most harmful of its activities. It is a remote administration tool (RAT) developed by Tataye. Fortunately it was substantially disabled on the 3rd of August 2004 after the best part of two years in operation. The virus primarily attacks the Microsoft Windows operating system, and its main effect on your computer system is unauthorized remote administration. The license type is freeware, and it ends up attached to your software package. It was referred to as Script-Kiddie in the underground hacking community. Infection is most likely on Windows versions from 95 to XP.

Writing the dangerous script for malware

The virus was written in Delphi and released by its initial author Tataye in 2002. Its unique features made it popular against all expectations. It used the client-server model that was typical of the time, which is why the program was very successful in penetrating operating systems. A server would then be taken over and used to attack individual computers within the network. The Trojan used a reverse connection to its victims, which was a pioneering achievement for the Trojan class. The attacker would have complete control over the victim's computer, and could work even without knowing the IP address that had been allocated to it. The attackers used a predefined DNS name to get in touch, so the IP address was redirected.

Forming a network of troublesome connections

Under the Beast Trojan system, the DLL was activated by injection. For example, it would target the explorer.exe process, which launches Windows Explorer. Other targets were iexplore.exe (Internet Explorer) and msnmsgr.exe (MSN Messenger). The DLLs are automatically loaded into memory once the requisite processes are executed. This creates a never-ending chain of infection which can completely run down the computer. Three infection sites are primarily targeted. The first is the MSAGENTS MS, which ranges from 30KB to 49KB. The second is the System32 MS, which has similar ranges. The third is dxdgns.dll, whose location is chosen by the attacker.

Attempts at getting rid of the virus

It is not easy to get rid of the virus because it is firmly embedded within the fabric of the computer system. You should try safe mode and then restore the files in XP once you are sure that they have been disinfected. The reverse connections use the default ports of 6666 and 9999. A firewall bypass facility was built into the virus. For example, two files could be joined so that the icon is changed.
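
The default ports and the injected process names mentioned above can be combined into a simple triage check. The following Python sketch is an added example, not part of the original article: it assumes input in the style of `netstat -ano` plus a PID-to-image map (for example built from `tasklist`), and all sample data in it is constructed.

```python
import re

# Values taken from the article: default reverse-connection ports and the
# processes named as DLL-injection targets.
BEAST_PORTS = {6666, 9999}
INJECTION_TARGETS = {"explorer.exe", "iexplore.exe", "msnmsgr.exe"}

# Matches one TCP row of `netstat -ano` output (IPv4 only in this sketch).
ROW = re.compile(
    r"^\s*TCP\s+(?P<laddr>[\d.]+):(?P<lport>\d+)\s+"
    r"(?P<raddr>[\d.]+):(?P<rport>\d+)\s+(?P<state>[A-Z_\d]+)\s+(?P<pid>\d+)\s*$"
)

def find_suspect_connections(netstat_text, pid_to_image):
    """Flag outbound TCP sessions whose remote port is a Beast default port."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or m["state"] not in ("ESTABLISHED", "SYN_SENT"):
            continue  # skip headers, listeners and closed sockets
        rport = int(m["rport"])
        if rport not in BEAST_PORTS:
            continue  # a reverse connection dials out, so only the remote port counts
        image = pid_to_image.get(int(m["pid"]), "unknown").lower()
        findings.append({
            "pid": int(m["pid"]),
            "image": image,
            "remote": f'{m["raddr"]}:{rport}',
            # The port alone is a weak signal; an injection-target owner raises it.
            "severity": "high" if image in INJECTION_TARGETS else "review",
        })
    return findings

# Constructed sample data (documentation address ranges, made-up PIDs).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    192.168.1.20:1045      203.0.113.7:6666       ESTABLISHED     1432
  TCP    192.168.1.20:1051      198.51.100.9:80        ESTABLISHED     2210
  TCP    192.168.1.20:1060      203.0.113.7:9999       SYN_SENT        3004
  TCP    192.168.1.20:6666      198.51.100.4:1099      ESTABLISHED     2210
"""
SAMPLE_PIDS = {892: "svchost.exe", 1432: "explorer.exe",
               2210: "iexplore.exe", 3004: "notepad.exe"}

if __name__ == "__main__":
    for finding in find_suspect_connections(SAMPLE_NETSTAT, SAMPLE_PIDS):
        print(finding)
```

A "high" finding means one of the processes the article names as an injection target is holding an outbound session to a default port; a "review" finding needs another indicator before it is treated as an infection.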
