The Port Redirect feature in malware empowers attackers to channel network traffic between various ports, either within the compromised system or through an external server. This functionality is particularly advantageous for evading firewalls and network monitoring tools. One of its most potent uses is in lateral movement: by redirecting traffic to other systems within a network, it facilitates easier access to additional targets. Even more insidiously, this feature allows the compromised system to act as a proxy for the attacker. By rerouting external traffic through the compromised machine, the attacker can effectively use its Internet connection to carry out further malicious activities, masking their own identity and location. This makes the compromised system a conduit for additional attacks, effectively implicating it in activities it had no part in.

Categories: Usurpation, Lateral Movements
Dangerousness: High

Associated with Releases

| Version | Origins | Authors | Languages | Release Date |
|---|---|---|---|---|
| NetBus 1.70 | Sweden | cf | Delphi | Nov, 1998 |
| Back Orifice 2000 (BO2K) 1.0 | United States | Cult of the Dead Cow (cDc) | C++ | Jul, 1999 |
| SubSeven 2.1 | Romania, Canada | Mobman | Delphi | Nov, 1999 |
| SubSeven 2.1.1 GOLD edition | Romania, Canada | Mobman | Delphi | Feb, 2000 |
| SubSeven 2.1.2 M.U.I.E | Romania, Canada | Mobman | Delphi | Apr, 2000 |
| SubSeven 2.1.3 BONUS | Romania, Canada | Mobman | Delphi | Jun, 2000 |
| SubSeven 2.1.4 DEFCON 8 | Romania, Canada | Mobman | Delphi | Jul, 2000 |
| SubSeven 2.2 | Romania, Canada | Mobman | Delphi | Mar, 2001 |
| MoSucker 3.0b | Germany | Superchachi | Visual Basic 6 (VB6) | Nov, 2002 |
| SubSeven 2.1.5 Legends | Romania, Canada | Mobman | Delphi | Feb, 2003 |
| Optix Pro 1.32 | Unknown | s13az3, xMs | Delphi | Sep, 2003 |
| CIA 1.2 | England | Alchemist | Visual Basic 6 (VB6) | Sep, 2003 |
| Nuclear RAT 1.0 Beta 5 | Brazil | Caesar2k | Delphi | Feb, 2004 |
| Infector NG 2004 2.1.0 | Belgium, United Kingdom | fc, Infiltration | Delphi | May, 2004 |
| Optix Pro 1.33 | Unknown | s13az3 | Delphi | Aug, 2004 |
| Flux 1.0 | Unknown | Gargamel | C++ | Aug, 2004 |
| Institution 2004 0.4.0 | United States | Aphex | Delphi | Oct, 2004 |
| Bandook 1.35 | Lebanon | PrinceAli | Delphi, C++ | Apr, 2007 |
| Poison Ivy 2.3.0 | Sweden | Shapeless | Delphi, MASM | Jun, 2007 |
| sharK 2.4.0 Fwb+ | Germany | sNiper109, rockZ | Visual Basic 6 (VB6) | Aug, 2007 |
| Nuclear RAT 2.1.0 | Brazil | Caesar2k | Delphi | Sep, 2007 |
| Poison Ivy 2.3.2 | Sweden | Shapeless | Delphi, MASM | Jan, 2008 |
| sharK 3.1 fwb++ | Germany | sNiper109, rockZ | Visual Basic 6 (VB6) | Mar, 2008 |
| Spy-Net 2.6 | Brazil | Raphael | Delphi | Oct, 2009 |
| DarkComet RAT 2.0 RC4 | France | DarkCoderSc | Delphi | Mar, 2010 |
| CyberGate 1.04.8 | United States | johnyk | Delphi | Apr, 2010 |
| Xtreme RAT 2.9 | Brazil | Raphael | Delphi | Jul, 2011 |
| DarkComet RAT 5.3.1 | France | DarkCoderSc | Delphi | Jun, 2012 |