The apparent purpose of this tool is to create trojanized PDF files. You select which EXE you want to embed, which PDF file you want to trojanize, and which platform you expect the victim to be using.
Cool. Now, the real question is this: How on earth did we get our hands on such a tool?
You'd never guess it.
We received it inside a trojanized PDF file.
Here's what we believe happened:
Someone, somewhere was using this tool for the first time.
They did a test run, selecting a random PDF file and a random EXE to create a trojanized PDF, just as a test.
As a random EXE, they selected — wait for it — GenMDB.EXE itself!
Then the perpetrator was probably curious to find out if the trojan PDF would be detected by virus scanners or not.
So he uploaded the trojanized PDF to an online scanner.
HAHAHAHAHAHA, the world is full of idiots. Magnificent!
Incidentally, I suspect that this is an intelligence agency's trojan delivery vector. Nobody else needs this in such a polished form. It must have taken years to build this tool. And that one little idiot just destroyed it with a single click.