Beast is a Windows-based backdoor trojan horse, more commonly known in the hacking community as a Remote Administration Tool or a "RAT". It is capable of infecting versions of Windows from 95 to XP.[1] Written in Delphi and released first by its author Tataye in 2002,[2] it became quite popular due to its unique features. It used the typical client–server model where the client would be under operation by the attacker and the server is what would infect the victim. Beast was one of the first trojans to feature a reverse connection to its victims, and once established it gave the attacker complete control over the infected computer.[2][3] The virus would be harmless until opened. When opened, the virus would use the code injection method to inject itself into other applications.[4]

Beast
Developer(s)Tataye
Final release
2.07 / August 3, 2004
Operating systemMicrosoft Windows
Type
LicenseFreeware

On a machine running Windows XP, removal of three files (“explorer.exe” (Windows Explorer), “iexplore.exe” (Internet Explorer), or “msnmsgr.exe” (MSN Messenger)) in safe mode with system restore turned off would disinfect the system.[5]

Usage

edit

The default ports used for the direct and reverse connections were 6666 and 9999 respectively, though the attacker had the option of changing these. Beast came with a built-in firewall bypasser and had the ability of terminating some Anti-Virus or firewall processes. It also came with a file binder that could be used to join two or more files together into one executable.

See also

edit

References

edit
  1. ^ Bailey (22 April 2014). "Beast". Retrieved 7 January 2019.
  2. ^ a b Ranjan, Atish (15 December 2013). "Ultimate List of Top 25 Dangerous Computer Viruses of All Time". Tech Tricks World. Retrieved 17 January 2016.
  3. ^ Manky, Derek (15 November 2010). "Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade". SC Magazine. Retrieved 17 January 2016.
  4. ^ Afam Onyimadu (3 September 2018). "How Does Code Injection Work?". Retrieved 7 January 2019.
  5. ^ Molotkov, S. N. (2019-12-23). "Trojan Horse Attacks, Decoy State Method, and Side Channels of Information Leakage in Quantum Cryptography". Journal of Experimental and Theoretical Physics. 130 (6): 809–832. doi:10.1134/s1063776120050064. ISSN 1063-7761. S2CID 225862134.