AIM Password Stealer (James)


Overview

Vendor Notes:

From the doc:

'How it works:

Client: The client uses Winsock to send commands to the server to grab the screen names and passwords. When you type in the IP address and click connect, Winsock sends information to the server asking for a connection request; if the server is open it will make a connection from your comp to the victim's comp. Then, once the server sends the information to the client, it will display the stolen names and passwords in a list box.

Server: The server also uses Winsock to send the screen name and password information back to the client. It first gets the SNs and PWs from the system registry, decrypts them and then puts them into a list box.

How to use it: First you send the victim the "aim password stealer server.exe" (you might want to rename the exe first...duh!!), then you will have to get their IP address. There are several ways of doing this.

1. Open a DOS prompt and type in "netstat -n"; it's usually the 3rd IP from the top...
2. Use a program from lenshell called "ip theif pro 8", my favorite and the best way of getting someone's IP on AIM.
3. If you're lucky, ask them and they might give it to you.

Second, they will have to open the server file in order for you to get their shit. Try to think of something convincing.... Third, open the client, type in the IP of the person, then click connect. Wait for it to connect...shouldn't take long unless they have a really slow connection. Once you're connected, click on the file menu and select get screen names and get passwords. Wait until they show up in the list boxes. If nothing shows up then they don't have anything saved...or there was an error.

I think that about sums it up. If you need any more information just ask me; I tried to explain the best I could...'

Category:

AOL Pest: Any password stealer, exploit, DoS attack, or ICQ hack aimed at users of AOL. ICQ is an instant messenger service from mirabilis.com, now AOL. ICQ is a favorite service among hackers, and ICQ features are built into many trojans (such as stealing users' passwords, UINs, or notifying the hacker). Users of ICQ are warned: "By using the ICQ service and software... you may be subject to various risks, including... Spoofing, eavesdropping, sniffing, spamming, breaking passwords, harassment, fraud, forgery, 'imposturing', electronic trespassing, tampering, hacking, nuking, system contamination including without limitation use of viruses, worms and Trojan horses causing unauthorized, damaging or harmful access and/or retrieval of information and data on your computer and other forms of activity that may even be considered unlawful."

Similar Pests:

AOL Pest

Origins

Author:

James

EMail:

hakkor@nellyhq.com

Date of Origin:

December, 2001

Operation

Storage Required:

  • AIM Password Stealer (James): at least 125 KB

Detection and Removal

Automatic Removal:

PestPatrol detects this.

PestPatrol removes this.

Manual Removal:

Follow these steps to remove AIM Password Stealer (James) from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

Stop Running Processes:

Kill these running processes with Task Manager:

Remove Files:

Remove these files (if present) with Windows Explorer:

Research

File Analyses:
Research By:

PestPatrol's Pest Research Center

Last Revised:

June 27, 2004