Abstract—We document the techniques used in an actual
hacking case which took place in an academic organization.
The study describes the methodology used by the hacker to
infiltrate several faculty members’ desktop machines and
embed malware to gain access to private information and
manipulate student records. The Trojan and command and
control software that was retrieved by disassembly is presented
and analyzed. Finally, we discuss why the methods used by the
attacker were so successful even though common security tools
were deployed at the organization and propose some
countermeasures.
Index Terms—Hacking, trust and security, computer
security, network security, malware analysis, Trojan, intrusion
detection.
Hesham M. Al-Ammal is with the University of Bahrain, Sakheer,
Bahrain (e-mail: halammal@uob.edu.bh).
Cite: Hesham M. Al-Ammal, "A Hacking Case Study: Detection, Communication, and Code," Journal of Advances in Computer Networks, vol. 2, no. 1, pp. 18-23, 2014.