
Posted

Is anyone familiar with VUBRUTE? Infected server had this on it. They were using the server as a host for their local work while they are in Russia. Initial hack originated from a Google account breach possibly. There was a Google breach and possibly a VPN breach, don't know which one was first.

 


  • Marcos changed the title to Vubrute
Posted (edited)

Related brute force hack tools:

Quote

Legitimate remote administration tools used by attackers:

  • RealVNC: Client / Server VNC.
  • TightVNC: Client / Server VNC.
  • NVNC: Server VNC.
  • Ammyy: Client / Server for remote administration.
  • Bitvise: Client / Server SSH.

Malicious tools developed by third parties:

  • VNC-Scanner: scan tool that searches for vulnerable VNC machines and exploits vulnerabilities in this service.
  • Fast RDP Brute: tool used in brute-force attacks to obtain access credentials on RDP systems.
  • VUBrute: tool used in brute-force attacks to obtain access credentials on VNC systems.
  • DUBrute: tool used in brute-force attacks to obtain access credentials on RDP systems.
  • LameScan: tool used in brute-force attacks to obtain access credentials on Radmin systems.
  • Advanced IP Scanner: network scanner and Trojan installer on RDP and Radmin systems.
  • Sanmao Email Collector: collector of email addresses on websites.
  • Sanmao Email Scraper: collects email addresses in search tools.
  • Sanmao SMTP Mail Cracker: tool used in brute force attacks for email.

 

https://sidechannel.tempestsi.com/hydrapos-operation-of-brazilian-fraudsters-has-accumulated-at-least-1-4-million-card-data-b05d88ad3be0

Edited by itman
Posted

Very little information about it. What we saw was it logging attempts made VPN's. The files were hidden; we could not find them, and the hacker actually VPN'd in while we were on the machine to get his text files that had the successful and unsuccessful IP addresses and passwords.

Posted

He took us to the file when he went to retrieve the txt files.

Posted

Is there an authority that investigates hacks, or do we simply just take it and shut up? Who do you call to report hacks?

 

Posted
35 minutes ago, Davep007 said:

Is there an authority that investigates hacks, or do we simply just take it and shut up? Who do you call to report hacks?

 

That's a different story, which isn't among the antivirus company's tasks.

You need to call your local authorities who are responsible for cyber incidents; that will probably be the police if there is no special department.

Posted
On 2/7/2020 at 10:35 PM, itman said:

Appears latest ver. of VUBRUTE can be downloaded here: https://hackforums.net/showthread.php?tid=5821898 . Of course, you will have to join the forum first ............. 😰

It's good to be able to have your hands on these kinds of brute force tools or other tools; it's helpful when you are testing your own network, but it's not when it's in the wrong hands and against you.
