Sub7
| Original author(s) | mobman |
|---|---|
| Stable release |
Sub7 0.9 (2014)
|
| Written in | Delphi |
| Operating system | Microsoft Windows |
| Type | remote administration/trojan |
| License | freeware |
| Website | SubSeven Site |
Sub7, or SubSeven or Sub7Server, is a remote administration tool/trojan program (RAT—where the "T" can have a dual meaning in this case). Its name was derived by spelling NetBus backwards ("suBteN") and swapping "ten" with "seven". Sub7 was created by Mobman. Mobman has not maintained or updated the software since 2004, however an author known as Read101 has carried on the Sub7 legacy.
Because its typical use is to allow undetected and unauthorized access, Sub7 is usually described as a trojan horse by security experts. Starting with version 2.1 (1999) it could be controlled via IRC. As one security book phrased it: "This set the stage for all malicious botnets to come." Additionally Sub7 has some features deemed of little use in legitimate remote administration like keystroke logging.
Sub7 worked on the Windows 9x and on the Windows NT family of operating systems, up to and including Windows 8.1.
It was originally designed by someone with the handle 'mobman'. No development has occurred in several years until a new version scheduled for release on Feb. 28th, 2010. In October 2009 mobman was alleged to have stated via IRC that due to working and going to college full-time that he will not be able to help with Sub7.
In 2006 (sub7legends.net) re-opened with hundreds of thousands of users, and has kept Sub7 alive with clean downloads and support and new software releases.
SubSeven 2.3, released on March 9, 2010, was revamped to work on all 32-bit and 64-bit versions of Windows and includes TCP Tunnel and Password Recovery for browsers, instant messengers and email clients. It was very buggy and was not written in Delphi which the original author used. The website that claimed to do this is no longer active.
Like other remote admin programs, Sub7 is distributed with a server and a client. The server is the program that the host must run in order to have their machines controlled remotely, and the client is the program with a GUI that the user runs on their own machine to control the server/host PC. Computer security expert Steve Gibson once said that with these features, Sub7 allows a hacker to take "virtually complete control" over a computer. Sub7 is so invasive, he said, that anyone with it on their computer "might as well have the hacker standing right next to them" while using their computer.
...
Wikipedia