What is Creepware

From Information Security Terms
Revision as of 08:09, 2 March 2020 by 8TG1K2 admin

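Creepware (also known as a remote access trojan, or RAT) is malware that is installed on a victim's device without the victim's knowledge and gives an attacker remote access to and control over the compromised device (a computer, tablet, laptop, smartphone, or other device such as an IoT (Internet of Things) device).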

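RAT is an abbreviation for both Remote Access/Administration Trojan (a trojan with remote access/administration capabilities) and Remote Access/Administration Tool (a tool for remote access/administration). The difference between remote access tools and remote access trojans is that the latter are installed covertly and used for illegal and/or malicious purposes, whereas remote access tools are used for authorized operations and legitimate purposes, such as technical support or connecting to your home or workplace computer while travelling.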

How creepware works

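Creepware uses the client-server model, but it inverts the usual idea of how that model works, in which a user connects to a server that provides some service. With creepware, the victim's device becomes the server and the attacker's device acts as the client. The "service" provided to the attacker is the information on the victim's device or unauthorized actions performed on it.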
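
Because the victim's device plays the server role in this model, it has to accept inbound connections, which appears on the host as a listening socket. The following added example (not part of the original page) parses Linux `ss -H -ltnp` output and flags listeners that are outside an expected baseline. The sample output, the `ALLOWED` baseline and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ss -H -ltnp` output; not captured from a real host.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 4096 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=901,fd=7))
LISTEN 0 5 0.0.0.0:5552 0.0.0.0:* users:(("updater",pid=4410,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))
LISTEN 0 16 [::1]:8099 [::]:* users:(("helper",pid=4502,fd=5))
LISTEN 0 50 *:4444 *:*
"""

# Hypothetical baseline: (process name, port) pairs this host is expected to serve.
ALLOWED = {("sshd", 22), ("cupsd", 631)}
PROC_RE = re.compile(r'users:\(\("([^"]+)",pid=(\d+)')

def is_loopback(addr):
    """True only for loopback binds; wildcards such as '*' count as reachable."""
    try:
        return ipaddress.ip_address(addr.split("%")[0]).is_loopback
    except ValueError:
        return False

def parse_listeners(text):
    """Yield one dict per listening TCP socket in `ss -H -ltnp` output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")  # handles [::]:22 and *:4444
        m = PROC_RE.search(line)  # absent when ss ran without enough privilege
        yield {"addr": addr.strip("[]"), "port": int(port),
               "proc": m.group(1) if m else None,
               "pid": int(m.group(2)) if m else None}

def unexpected_listeners(text, allowed=ALLOWED):
    """Return listeners outside the baseline, remotely reachable ones first."""
    hits = []
    for sock in parse_listeners(text):
        if (sock["proc"], sock["port"]) in allowed:
            continue
        sock["remote"] = not is_loopback(sock["addr"])
        hits.append(sock)
    return sorted(hits, key=lambda s: (not s["remote"], s["port"]))

if __name__ == "__main__":
    for s in unexpected_listeners(SAMPLE_SS):
        scope = "REMOTE" if s["remote"] else "local"
        print(f'{scope:6} {s["addr"]}:{s["port"]} proc={s["proc"]} pid={s["pid"]}')
```

A listener with no owning process shown (the last sample line) is still reported, since the owner can only be resolved by rerunning `ss` with sufficient privilege.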

What are the features of creepware?

Creepware provides the attacker with access to the following elements on a compromised device:

  • files;
  • processes and services;
  • clipboard;
  • network connections;
  • registry;
  • connected peripherals (printers, webcams, audio recording devices, etc.).


In addition, creepware allows the attacker to remotely monitor the compromised device, namely:

  • log keystrokes;
  • take screenshots;
  • record video from the connected webcam;
  • record audio from the connected microphone;
  • steal passwords;
  • download and upload files from/to the device;
  • open web pages;
  • display messages on the screen;
  • play audio messages;
  • reboot or turn off the compromised device.

The main goals of using creepware

Information theft

Creepware allows the attacker to steal information contained in files, as well as information entered by users on the keyboard or recorded by connected devices.

Using device resources

A compromised device can be used for DDoS attacks, spamming, cryptocurrency mining, etc.

Voyeurism

The webcam on the victim's device can be used for secret recording.

Blackmail

Information stolen from the device can be used to blackmail the victim.