Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies

If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam.

This problem can be easily solved.
Windows users can download antivirus for Windows solution CyberByte by clicking the banner below. The free antivirus will help you to know if your PC is infected. Windows free antivirus of CyberByte is an awarded software for malware detection.

Mac / MacOS / OS X users can download antivirus for Mac solution CyberByte by clicking the banner below. The free antivirus will help you to know if your Mac is infected. Antivirus for Mac is an awarded software for malware detection. The free antivirus for Mac is available for new MacOS and older OS X versions.

Features of CyberByte™ antivirus:

  • Protects you from all kind of threats
  • CyberByte™ custom detection engine includes Mac and Windows malware protection and detection
  • Fastest scanning times in the market
  • Crypto Mining rogue extensions/malware detection
  • Ransomware detection - don’t negotiate with ransomware cyber terrorists – keep your Mac and Windows safe
  • Active live protection from background
  • Certified Threat Detector by OPSWAT
  • Easy to Install
  • Easy to Manage
  • Incredible value for money

Invisible, protecting you from behind the scenes - You will not feel it is installed on your computer, easy on the resources, like a protection software should be.

Original technology that combines behavioral heuristic analysis with powerful signatures database – the CyberByte™ Protection Engine  delivers top of the line protection in an instant.

Fastest scanning times in the market – your time is precious, but also so is your digital life – CyberByte™ delivers fast scanning saving both time and your valuable data.

Don’t negotiate with ransomware cyber terrorists – keep your Mac safe and don’t ever end up paying for what is already yours.

Protect others as well – the CyberByte™ Protection Engine  not only detects the threat but stops it from spreading to other Macs or Windows machines.

Don’t let strangers use your resources – more than 80% of the attacks are crypto mining driven. Are you sure your computer is not mining for crypto while you read this text?

Our malware protection will continuously look after your device providing the best security against viruses. Give us the chance to prove it by downloading the antivirus for your device.

The free download antivirus is available for both Mac and Windows users.

The antivirus for Mac is a certified product by OPSWAT (OPSWAT is a San Francisco-based software company that provides solutions to secure and manage IT infrastructure. Founded in 2002, OPSWAT delivers solutions that provide manageability of endpoints and networks, and that help organizations protect against
zero-day attacks by using multiple antivirus engine scanning and document sanitization.
To learn more about OPSWAT’s innovative and unique solutions, please visit http://www.opswat.com).


For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hacker News actually could hack, but of the one who uses them and not the one you desire to hack.

Now, a security researcher has spotted another hacking tool—this time a PHP script—which is freely available on multiple popular underground hacking forums and allows anyone to find vulnerable internet-connected IP Cameras running the vulnerable version of GoAhead embedded web-server.
However, after closely analysing the scanning script, Newsky Security researcher Ankit Anubhav found that the tool also contains a secret backdoor, which essentially allows its creator to “hack the hacker.”
“For an attacker’s point of view, it can be very beneficial to hack a hacker,” Anubhav said.
“For example, if a script kiddie owns a botnet of 10,000 IoT and if he gets hacked, the entire botnet is now in control of the attacker who got control of the system of this script kiddie. Hence, by exploiting one device, he can add thousands of botnets to his army.”
The rise of IoT botnet and release of Mirai’s source code—the biggest IoT-based malware threat that emerged last year and took down Dyn DNS service—has encouraged criminal hackers to create their massive botnet either to launch DDoS attacks against their targets or to rent them to earn money.

Widget not in any sidebars

As shown in the self-explanatory flowchart, this IoT scanning script works in four steps:
First, it scans a set of IP addresses to find GoAhead servers vulnerable to a previously disclosed authentication bypass vulnerability (CVE-2017-8225) in Wireless IP Camera (P2P) WIFI CAM devices.
In the background, it secretly creates a backdoor user account (username: VM | password: Meme123) on the wannabe hacker’s system, giving the attacker same privilege as root.
Script also extracts the IP address of the wannabe hacker, allowing script author to access the compromised systems remotely.
Moreover, it also runs another payload on the script kiddie’s system, eventually installing a well-known botnet, dubbed Kaiten.
This tool is another example of backdoored hacking tools increasingly being distributed at various underground forums to hack the hacker.
In September, a backdoored Cobian RAT builder kit was spotted on multiple underground hacking forums for free but was caught containing a backdoored module that aimed to provide the kit’s authors access to all of the victim’s data.

Last year, we reported about another Facebook hacking tool, dubbed Remtasu, that actually was a Windows-based Trojan with the capability to access Facebook account credentials, but of the one who uses it to hack someone else.

The procedure is simple:

  • Just free download antivirus from CyberByte website either for Mac or Windows.
  • Install it using the antivirus installer package.
  • Windows and Mac users will free malware scan their devices. The scan duration depends on how many files the end user has.
  • CyberByte antivirus will show if any files are infected after the scan is finished.

The bottom line: Watch out the free online stuff very carefully before using them.

Source: TheHackerNews

Companies can protect them from hacking by using the best hosting and web hosting service available with the best cybersecurity.