Apr 11 2008
Not sure if this is a controversial method or not but it is certainly better than a reactive posture in my opinion.
Mr. Eriksson is a security researcher at Bitsec who finds remotely-exploitable security holes in hacking software and then counter-attacks. He has even used it on Chinese hacker software:
Eriksson later turned the same techniques on a Chinese RAT known as PCShare (or PCClient), which hackers can buy for about 200 yuan.
PCClient is slightly better engineered than Bifrost, since it won’t accept a file uploaded to it, unless the hacker is using the file explorer tool.
But, Eriksson found, the software’s authors left a bug in the file explorer tool in the module that checks how long a download will take. That hole allowed him to upload an attack file the hacker hadn’t asked for, and even write it into the server’s autostart directory.
One Response to “Chinese hackers…you will not like Joel Eriksson…nope, not one little bit”