Sub7
Encyclopedia
Sub7, or SubSeven or Sub7Server, is the name of a Remote Administration Tool (RAT) program. Its name was derived by spelling NetBus
backwards ("suBteN") and swapping "ten" with "seven".
It was originally designed by someone with the handle 'mobman'. No development has occurred in several years until a new version scheduled for release on Feb. 28th, 2010. The Sub7 project was dormant for over 6 years until its return in July 2009 when mobman and fc revived the project, marking 10 years after its original creation in 1999. In October 2009 mobman informed fc and the sub7crew via IRC that due to working and going to college full time that he will not be able to help with the current development of Sub7.
Like other remote admin programs, Sub7 is distributed with a server
and a client
. The server is the program that the host must run in order to have their machines controlled remote, and the client is the program with a GUI
that the user runs on their own machine to control the server/host PC.
Sub7 has more features than Netbus
(webcam capture, multiple port redirect, user-friendly registry editor, chat and more), but it always tries to install itself into windows directory and it does not have activity logging.
SubSeven 2.3 was released on March 9, 2010 after over 11 years since SubSevens initial creation by mobman, and 6 years since the last release 2.1.5 that is now unable to run on modern computers XP/Vista/Windows 7. Version 2.3 was released by Read101 with rumours of mobmans blessing and backing of the continuation of the SubSeven project.
SubSeven 2.3 has been revamped to work on all 32bit and 64bit versions of Windows and includes TCP Tunnel and Password Recovery for browsers, instant messengers and email clients.
SubSeven has been used to gain unauthorized access to computers. While it can be used for making mischief (such as making sound files play out of nowhere, change screen colors, etc.), it can also read keystrokes that occurred since the last boot--a capability that can be used to steal passwords and credit card numbers.
In 2003, a hacker began distributing a Spanish-language email purporting to be from security firm Symantec
that was used to trick recipients into downloading Sub7.
Nearly all antivirus programs can detect Sub7 and prevent it from being installed.
The defacement information was put online on a opensource forum http://www.opensc.ws/off-topic/9907-subseven-org-hacked-punk.html.
The hacker behind the defacement stated that he and many others were not happy about the sudden announcement that the Sub7 will charge $15 to have access to the official Sub7 community forums.
Last News from the Sub7 team
Later News from the Sub7 team
NetBus
NetBus or Netbus is a software program for remotely controlling a Microsoft Windows computer system over a network. It was created in 1998 and has been very controversial for its potential of being used as a backdoor....
backwards ("suBteN") and swapping "ten" with "seven".
It was originally designed by someone with the handle 'mobman'. No development has occurred in several years until a new version scheduled for release on Feb. 28th, 2010. The Sub7 project was dormant for over 6 years until its return in July 2009 when mobman and fc revived the project, marking 10 years after its original creation in 1999. In October 2009 mobman informed fc and the sub7crew via IRC that due to working and going to college full time that he will not be able to help with the current development of Sub7.
Like other remote admin programs, Sub7 is distributed with a server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
and a client
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
. The server is the program that the host must run in order to have their machines controlled remote, and the client is the program with a GUI
Gui
Gui or guee is a generic term to refer to grilled dishes in Korean cuisine. These most commonly have meat or fish as their primary ingredient, but may in some cases also comprise grilled vegetables or other vegetarian ingredients. The term derives from the verb, "gupda" in Korean, which literally...
that the user runs on their own machine to control the server/host PC.
Sub7 has more features than Netbus
NetBus
NetBus or Netbus is a software program for remotely controlling a Microsoft Windows computer system over a network. It was created in 1998 and has been very controversial for its potential of being used as a backdoor....
(webcam capture, multiple port redirect, user-friendly registry editor, chat and more), but it always tries to install itself into windows directory and it does not have activity logging.
SubSeven 2.3 was released on March 9, 2010 after over 11 years since SubSevens initial creation by mobman, and 6 years since the last release 2.1.5 that is now unable to run on modern computers XP/Vista/Windows 7. Version 2.3 was released by Read101 with rumours of mobmans blessing and backing of the continuation of the SubSeven project.
SubSeven 2.3 has been revamped to work on all 32bit and 64bit versions of Windows and includes TCP Tunnel and Password Recovery for browsers, instant messengers and email clients.
SubSeven has been used to gain unauthorized access to computers. While it can be used for making mischief (such as making sound files play out of nowhere, change screen colors, etc.), it can also read keystrokes that occurred since the last boot--a capability that can be used to steal passwords and credit card numbers.
In 2003, a hacker began distributing a Spanish-language email purporting to be from security firm Symantec
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...
that was used to trick recipients into downloading Sub7.
Nearly all antivirus programs can detect Sub7 and prevent it from being installed.
Defacement
26 March 2010 subseven.org and subcrew.org were hacked and defaced by a hacker.The defacement information was put online on a opensource forum http://www.opensc.ws/off-topic/9907-subseven-org-hacked-punk.html.
The hacker behind the defacement stated that he and many others were not happy about the sudden announcement that the Sub7 will charge $15 to have access to the official Sub7 community forums.
2010 events
On 1 April 2010, 5 days after the website of subseven.org was defaced, the Sub7 team announced on their website that the project has been shut down, due to the incident with the hacker -Punk-. The Sub7 team announced that the hacker has stolen the source code and deleted all the projects database. First it was believed to be an April fools joke, but after the website did not get back online days later and following the aggressive argumentation in an open source forum, it turned out that this was not an April fools joke. A month later, in May 2010, a new news message was posted to the website, saying the project was going to be restarted despite of what had been said one month previously. Original creator mobman would also return to the project.Last News from the Sub7 team
2010/04/10 - SubSeven Is No More
The SubSeven Project has come to an end due to a compromise by a group called -PuNk-. They stole the source code and deleted all of our website and project databases. Because of this we have decided to close SubSeven and not reopen the project ever again. It was fun while it lasted.
Later News from the Sub7 team
2010/05/10
by mobman / read101 / fc / SubZ / cosmic and Sub7Crew.
Greets to all the fans. We will return.