Optix Pro
| Optix Pro | |
|---|---|
| Basic data
|
|
| developer | s13az3 |
| Current version | 1.33 (August 4, 2004) |
| operating system | Microsoft Windows |
| category | remote maintenance |
| License | Freeware |
| German speaking | No |
Optix Pro is a freely available remote maintenance tool for Windows that is mostly used illegally .
The tool was developed and published by "s13az3", the developer's code name. Optix Pro is no longer being developed.
version
The first version was discovered on August 30, 2002. The program is available in versions 1.0, 1.1, 1.2, 1.3, 1.31, 1.32 and 1.33. The last version was published on August 4, 2004. There is also a Lite version of the tool with limited functions . The last release of a lite version took place on October 15, 2002 as version 5.01. Both variants were written in Delphi .
Features and function
Like all remote maintenance programs, Optix Pro consists of a client and a server program. The ports used are variably selectable. In its functionality, it is very similar to Back Orifice , NetBus and SubSeven . The remote maintenance tool allows program files to be linked to another file so that harmful code is hidden behind code that appears harmless (so-called Trojan horses ). As spy software, Optix Pro is mostly distributed via email , Usenet or instant messengers . When Optix Pro is active, it does not display an icon, nor does it appear in the task list.
Windows systems infected with the server can be controlled remotely and, for example:
- Read keystrokes
- Transfer images from a webcam
- Upload, download and delete files
- Run programs
- Change configurations
- Take control of the mouse and keyboard
- "Photograph" the screen content
- Carry out actions such as restarting the computer, logging out the user, starting hibernation
- Generation of "error, warning and info messages"
- Attackers can also switch off a firewall or antivirus programs.
use
Thanks to the comfortable program interface, Optix Pro is also used deliberately for remote maintenance. According to the Evil Eye Software website, the remote access tool has been downloaded over 370,000 times and the Optix-Lite variant over 42,100 times.
Access is usually protected by a password. However, all versions up to 1.2 have the built-in master password kjui3498fjk34289890fwe334gfew4ger$"sdfthat was built in by the developer. s13az3 already confirmed and published the back door in early 2004. When the backdoor became known , its popularity fell sharply. However, all Optix Pro 1.3x versions should no longer have this backdoor.
Web links
- Backdoor program gets backdoored . theregister.co.uk, June 13, 2004
- Optix Pro versions. ( Memento of April 28, 2007 in the Internet Archive ) MegaSecurity.org
- Backdoor in the backdoor . Heise Security , June 14, 2004
- Backdoor.OptixPro.13b . Symantec Risk Analysis