Davep007

Vubrute


Is anyone familiar with VUBRUTE? Infected server had this on it. They were using the server as a host for their local work while they are in Russia. Initial hack originated from a Google account breach possibly. There was a Google breach and possibly a VPN breach, don't know which one was first.

 


Related brute force hack tools:

Quote

Legitimate remote administration tools used by attackers:

  • RealVNC: Client / Server VNC.
  • TightVNC: Client / Server VNC.
  • NVNC: Server VNC.
  • Ammyy: Client / Server for remote administration.
  • Bitvise: Client / Server SSH.

Malicious tools developed by third parties:

  • VNC-Scanner: scan tool that searches for vulnerable VNC machines and exploits vulnerabilities in this service.
  • Fast RDP Brute: tool used in brute-force attacks to obtain access credentials on RDP systems.
  • VUBrute: tool used in brute-force attacks to obtain access credentials on VNC systems.
  • DUBrute: tool used in brute-force attacks to obtain access credentials on RDP systems.
  • LameScan: tool used in brute-force attacks to obtain access credentials on Radmin systems.
  • Advanced IP Scanner: network scanner and Trojan installer on RDP and Radmin systems.
  • Sanmao Email Collector: collector of email addresses on websites.
  • Sanmao Email Scraper: collects email addresses in search tools.
  • Sanmao SMTP Mail Cracker: tool used in brute force attacks for email.

 

https://sidechannel.tempestsi.com/hydrapos-operation-of-brazilian-fraudsters-has-accumulated-at-least-1-4-million-card-data-b05d88ad3be0

Edited by itman


Very little information about it. What we saw was it logging attempts made VPN's. The files were hidden; we could not find them, and the hacker actually VPN'd in while we were on the machine to get his text files that had the successful and non-successful IP addresses and passwords.


Is there an authority that investigates hacks, or do we simply just take it and shut up? Who do you call to report hacks?

 

35 minutes ago, Davep007 said:

Is there an authority that investigates hacks, or do we simply just take it and shut up? Who do you call to report hacks?

 

That's a different story, which isn't among the antivirus company's tasks.

You need to call your local authorities who are responsible for cyber incidents; that will probably be the police if there is no special department.

On 2/7/2020 at 10:35 PM, itman said:

Appears latest ver. of VUBRUTE can be downloaded here: https://hackforums.net/showthread.php?tid=5821898 . Of course, you will have to join the forum first ............. 😰

It's good to be able to have your hands on these kinds of brute force tools or other tools; it's helpful when you are testing your own network, but it's not when it's in the wrong hands and against you.
