Icarus Antiterrorism Trojan, Cyberweapon to Command-and-Control Terrorist's IT assets 🛡️
Here I show my research on how a Trojan for anti-terrorism use is built, and how it can be used to counter organized crime.
Research Abstract
In recent decades, we have witnessed an increase in terrorist attacks and criminal activities; criminals have adapted their strategies thanks to the advancement of technology, investing in servers and IT infrastructure for services, data storage and communications. Examples of attacks on the infrastructure of the Colombian Cartel or the Chinese Triads demonstrate how, in other countries, coalitions of hackers use Trojans to carry out eavesdropping, and how crucial it is to use these tools to counteract criminal associations.
Despite this, in Italy, as pointed out by the Honorable Nicola Gratteri (Italian Magistrate dedicated to the fight against the Mafia), these methodologies are still debated. This thesis aims to contribute to the development of counterterrorist tools by providing a new Trojan model, called Icarus.
The project stems from the belief that research and scientific progress are fundamental for the maintenance of National Security. This can also be inferred from the annual National Security Report produced by the Intelligence Branch. At the technical level, the investigative tool developed (Icarus) allows the execution of undetectable command-and-control actions on a possible terrorist-like IT asset belonging to criminal organizations, allowing the subsequent interception of activities both inside and outside the machine under analysis.
In detail, Icarus, developed in C++, aims to ensure persistent, stable and undetectable access on a remote Windows x64 machine. The tool exploits advanced AntiVirus evasion and obfuscation techniques to prevent detection. Its development took place through the manipulation of the internal structures of the Windows kernel, obtained through reverse engineering of that kernel's binaries.
Finally, it is important to note that Icarus is an extremely cross-cutting project; during its development, advanced techniques in networking, operating systems, cryptography and social engineering were applied.
Thesis work in pdf format
The research work is in Italian; I recommend using DeepL to translate it quickly.
This post is licensed under CC BY 4.0 by the author.