Monday, 2 February 2015

redpill Hacker with Custom Website


redpill released a new powerful spy program called redpill Hacker. One of the program features is to create different delivery packages. Using a custom website as a delivery package has been proven to have the best success rate of all delivery methods.

A lot of computer users know not to open attachments or click on links in emails. You can get past some of them by using social engineering and winning their trust before sending the link or attachment, but some hard targets (security aware users) might still be a problem.For those targets, a custom web option is your best choice.

How the Custom Website Delivery Method Works:

As mentioned, a lot of users will not open an attachment or click on a link, but they might be willing to install a useful application directly from the providers website. The key is to choose a product that the target will be interested in.

Depending on your target, you can think of an application/product that the target will be interested in. Examples would be:
  • Secure Chat Application - you email the target telling him about the great secure chat app that you want to use to chat with him.
  • Hobby - you use facebook to find out what the target's hobby or interests is and then choose a program that he would want to install. You then just tell him about the great program (on facebook, via email, etc).
  • Virus Removal Tool 
  • etc.
After you chose your product, the following happens:
  1. You contact redpill that will develop the custom website for you.
  2. You purchase the domain and hosting from a hosting company like GoDaddy (not expensive, but wait for instructions from redpill as there are some specific requirements needed for the hosting)
  3. You use redpill Hacker to upload your 'product' to the website.
From the target side, the following will happen:
  1. You will send them a email or message on facebook telling them about this great free product.
  2. They will go to the website and see it is a real product (website will look legit).
  3. They click on the Install button on the website but will then receive a message saying 'computer is not compatible', 'virus was removed' ...or any message you want depending on the product you chose.
  4. They will think the installation failed or the operation completed but instead the spy program would have been installed.
  5. You will start to receive data.
You can use your website for multiple installations. You can just use redpill Hacker to update your module after each install so that you will receive the data in separate accounts. 

Please note:
  • redpill gives a price option for 'redpill Hacker with Custom Website'. The website will be a simple 3-4  page website with a main page, feature page, download page and contact page (can be changed for other pages depending on your product) Basic graphics will be included. If you have more advanced requirements it will be charged for extra.
  • The price for the hosting and domain registration is not included. You will need to purchase it separately (not expensive). For legal reasons redpill will not purchase the domain or do the hosting.
  • This method should only be used in targeted installs and not for phishing (if you do, your website might be flagged as malicious).
  • redpill Hacker or your website should not be used illegally.
For more information about redpill Hacker, visit http://www.redpill.co.za


No comments:

Post a Comment