0 Members and 1 Guest are viewing this topic.
Ice IX is a new bot form-grabber similar to Zeus , but a big rival to it. It is based on modified Zeus 2 core.The core was redesigned and enhanced. It was enhanced bypassing the proactive protection and firewall using driver mode, injects are working more stable on IE and Firefox based browsers.The main goals were adding protection from detection by trackers, getting higher response, more stealthiness, and longer vitality. The goals were successfully reached. Support is also available, free updates to new version for current clients.Main functionality:* Key logging (with ability to get screenshots of mouse pointer zone)* Grabbing of http and https forms and injects (standartd format of injects for Zeus) in Explorer and Mozilla Firefox (also all wininet.dll and nspr4.dll based browsers: AOL, Maxton…)* Grabbing cookies, .sol files, saved form data* Grabbing FTP clients: FlashFXP, Total Commander, WsFTP 12, FileZilla 3, FAR Manager 1,2, WinSCP 4.2, FTP Commander, CoreFTP, SmartFTP* Grabbing Windows Mail, Live Mail, Outlook* Socks 5 with back connect* Screenshots in real-time, you can say what URL to be screened* Getting certificates from “My” store and clearing it. After clearing new imported certificate will be saved to server* Searching files on logical disks by mask or loading an exact file* TCP traffic sniffer* Wide range of command to control an infected PC (download and execute arbitrary file, setting home page, enable/disable injects, kamikaze etc…like in Zeus 2.0.8.9)Main advantages:* Protection from Trackers.The config file now id getting not directly but throw the proxy.php file where you should enter the same key using for crypt data exchange between bot and control panel. If the request for config is created not by bot with the same key the 404 error will be returned. So no way to download and analyze the configuration file.This is a major advantage if you are creating a big botnets, because the main problem of original Zeus - it is trackers.* Higher response and longer vitality. It is cheaper to create the botnet.* Updates and support. All updated for 1.x.x version are free for customers* A possibility to develop custom solutions.In current development:Adding http fakes for FirefoxAdding blocking/bypassing for Spy EyeChanging of algorithm of crypting data exchane bettween bot and control panelPrice for personal licence for current version 1.0.5.* Version with binding to host: $600/LR/WMZ . Bot and builder with ability to create config file is included* License for builder without limitation: $1800/LR/WMZ/Contact:ICQ : 610875708Jabber : iceix@secure-jabber.bizVerified at :exploit.in/forum/index.php?showtopic=47830 (reviews also)xakepy.cc/showthread.php?t=70133korovka.name/showthread.php?t=1771ScreensWebpanel:http://img594.imageshack.us/img594/981/admin1z.jpghttp://img600.imageshack.us/img600/5638/admin2b.jpgBuilder:http://img146.imageshack.us/img146/7562/builderl.jpgIce9 новый зевсоподобный бот-формграббер.За основу была взята версия второй линейки ZeuS и была качественно переработанна и улучшена.Главной задачей ставилось повышение отстука относительно своего прародителя и данная задача была успешно выполнена.Усовершенствован обход проактивных защит и фаерволлов.Так же переработке подверглась технология инжектирования позволяющая инжектам работать гораздо стабильнее.Бот постоянно развивается и дополняется.Бот имеет привязку к хосту, так же постовляется расширенная версия билдера без привязки.Стоимость лицензии с привязкой к хосту: 600WMZ/LR/WMZ USDСтоимость лицензии без привязки к хосту: 1800WMZ/LR/WMZ USDКонтакты ICQ/Jabber: 610875708 / iceix@secure-jabber.biz (Ice IX)
Topic: Ice - IX botnet (Read 17066 times)
