Friday, July 4, 2008

W01f Quiz

Finally my first Trojan horse was born. I always wanted to write a simple Trojan to demostrate how vulnerable our PC can be. Nowadays, malware can easily compromise your system via Podslurping, Games/MP3 downloaded from Internet or a simple game (like this Torjan that i have written). Many people have the misconception that by having an updated Anti-Virus, it will protect them from all the malware.

This Trojan, W01f Quiz, is written in VBscript. I made used of some basic method from malware in this program such as
- Change of Registry
- Adding of "malicious" file in to system folder
- Set hidden file
- Trick victim with a game

It is basically written for educational purpose. To educate users to beware of programs (such as games, MP3) that were downloaded or passes around by friends. This Trojan is not malicious and will not cause any hurt to your system. You should try it and also pass around to your friends and colleagues. It consist of an interesting quiz game. You can help to educate your friends after they start to see the pop up. There is also a removal tool available for you to cleanly remove it.

Click at the file - W01fQuiz-0.1.zip to download the Trojan (MD5:047CE91054176C361A049E8495A63E96)

Trojan Removal and Protection
For those have been "infected" by my Trojan, you will see a "Trojan Alert" pop-up shown below.

If you see the above pop up, it means that your system is not properly secure. To protect your system against simple malware (like this one), do the following:
- Restrict Registry access
- Proper user access control (especially on the System folder)
- Properly harden your Windows (based on the common best practise such as Centre of Internet Security's Standards)

To properly remove this Trojan from your system, simply download the removal tool below. Please run this tool before you harden your system.

Click at the file - W01fQuiz_removal-0.1.zip to download the removal tool (MD5:5C18581BE8BE6ED79F696DDE9DF0B50E)

No comments: