DarkComet Developer Retires Notorious Remote Access Tool

  /     /     /  
Publicated : 22/11/2024   Category : security


DarkComet Developer Retires Notorious Remote Access Tool


Some call DarkComet a tool; others call it a Trojan. RAT had been used by Syrian police and anti-Tibet organizations to spy on targeted computers.



Who Is Anonymous: 10 Key Facts (click image for larger view and for slideshow)
The creator of a notorious remote access tool (RAT) known as DarkComet has announced that hes retiring the free software, effective immediately.
Developer Jean-Pierre Lesueur said on his
DarkComet website
that he decided to pull the plug after his software was used for illegal purposes, for which he didnt want to be held accountable. Lesueur, meanwhile, has also released--via the website--a free tool to detect any instance of DarkComet running on a computer, even packed/compressed/virtualized etc., as well as another tool to extract the data in a darkcomet stub, he said.
Why did I take such a decision? ... Because of the misuse of the tool, and unlike so many of you [I] seem to believe I can be held responsible [for] your actions, and if there is something I will not tolerate [it] is to have to pay the consequences for your mistakes and I will not cover for you, wrote Lesueur on his website. The law is how it is and I must abide by the rules, yes its unfortunate for [developers] in security but thats how it is. Without mentioning what happened in Syria ...
What
happened in Syria
was this:
Syrian police used DarkComet
earlier this year to spy on opponents of President Bashar al-Assad. Likewise, DarkComet reportedly has been used to spy on pro-Tibet non-governmental organizations.
[ Read
8 Lessons From Nortels 10-Year Security Breach
. ]
Remote access tools have been available for some time, and used in numerous low and slow nation state attacks, as well as in advanced persistent threat attacks. But awareness of such tools increased markedly last year, after revelations that the Shady RAT series of attacks--
attributed by many information security watchers to China
--had successfully compromised
at least 72 organizations
, including 22 governmental agencies and contractors.
What can DarkComet or other RATs do? This software allow you to make hundreds of functions [stealthily] and remotely without any kind of [authorization] in the remote process, Lesueur
told security firm Sophos
last year, in reference to DarkCometX, a then-in-development Mac version of his RAT.
Given that functionality, Chester Wisniewski, a senior security advisor at Sophos Canada, said the RAT term was a misnomer. While the authors would like you to believe they are simply tools, I think the evidence suggests Trojan is more appropriate, he said.
DarkComet creator Lesueur has been careful to distinguish between how his software could be used legitimately or illegally. On his website, in response to a rhetorical question about whether just the act of using DarkComet would be illegal, he said: Well it depends how you use it, if you use it to control remote machines without any authorization from the owner then yes, if you use it in your own network then it is fully legal.
Lesueurs retiring of DarkComet clearly is his attempt to
avoid arrest or imprisonment
for having built and distributed the free software. While in the past authors of such tools believed that they were immune from prosecution by claiming that they were educational tools, arrests--starting with the alleged author of the infamous Mariposa botnet--have begun to wake up authors of such tools to the possibility that they could be breaking the law, according to a
Symantec blog post
.
These arrests are sending a message to the authors of such tools that they are not above the law and could face prosecution for their actions, according to Symantec, which predicts that more developers of freeware RATs--and similar tools--will soon retire their wares. Time will tell, but any similar closures due to the risk of prosecution must be seen as a step in the right direction in combating the risk posed by such freely available tools, the company said.
Employees and their browsers might be the weak link in your security plan. The new, all-digital
Endpoint Insecurity
issue of Dark Reading shows how to strengthen them. (Free registration required.)

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DarkComet Developer Retires Notorious Remote Access Tool