Port Redirect / Proxy - Malware Gallery (Beta)


Description

The Port Redirect feature in malware lets attackers relay network traffic between ports, either within the compromised system or through an external server. This is particularly useful for evading firewalls and network monitoring tools. One of its most potent uses is in lateral movement: by redirecting traffic to other systems within a network, it gives the attacker easier access to additional targets. The feature also allows the compromised system to act as a proxy for the attacker. By rerouting external traffic through the compromised machine, the attacker can use its Internet connection to carry out further malicious activities while masking their own identity and location. The compromised system becomes a conduit for additional attacks and is implicated in activities its owner had no part in.


Categories: Lateral Movements, Usurpation
Dangerousness: High

Associated with Releases

| Version | Origins | Authors | Languages | Release Date |
|---|---|---|---|---|
| NetBus 1.70 | Sweden 🇸🇪 | cf | Delphi | Nov, 1998 |
| Back Orifice 2000 (BO2K) 1.0 | United States 🇺🇸 | Cult of the Dead Cow (cDc) | C++ | Jul, 1999 |
| SubSeven 2.1 | Romania 🇷🇴 | Mobman | Delphi | Nov, 1999 |
| SubSeven 2.1.1 GOLD edition | Romania 🇷🇴 | Mobman | Delphi | Feb, 2000 |
| SubSeven 2.1.2 M.U.I.E | Romania 🇷🇴 | Mobman | Delphi | Apr, 2000 |
| SubSeven 2.1.3 BONUS | Romania 🇷🇴 | Mobman | Delphi | Jun, 2000 |
| SubSeven 2.1.4 DEFCON 8 | Romania 🇷🇴 | Mobman | Delphi | Jul, 2000 |
| SubSeven 2.2 | Romania 🇷🇴 | Mobman | Delphi | Mar, 2001 |
| MoSucker 3.0b | Unknown 🏴‍☠️ | Superchachi | Visual Basic 6 (VB6) | Nov, 2002 |
| SubSeven 2.1.5 Legends | Romania 🇷🇴 | Mobman | Delphi | Feb, 2003 |
| Nuclear RAT 1.0 Beta 5 | Brazil 🇧🇷 | Caesar2k | Delphi | Feb, 2004 |
| Infector NG 2004 2.1.0 | Belgium 🇧🇪, United Kingdom 🇬🇧 | fc, Infiltration | Delphi | May, 2004 |
| Optix Pro 1.33 | Unknown 🏴‍☠️ | s13az3 | Delphi | Aug, 2004 |
| Flux 1.0 | Unknown 🏴‍☠️ | Gargamel | C++ | Aug, 2004 |
| Institution 2004 0.4.0 | United States 🇺🇸 | Aphex | Delphi | Oct, 2004 |
| Bandook 1.35 | Lebanon 🇱🇧 | PrinceAli | Delphi, C++ | Apr, 2007 |
| Poison Ivy 2.3.0 | Sweden 🇸🇪 | Shapeless | Delphi, MASM | Jun, 2007 |
| sharK 2.4.0 Fwb+ | Germany 🇩🇪 | sNiper109, rockZ | Visual Basic 6 (VB6) | Aug, 2007 |
| Nuclear RAT 2.1.0 | Brazil 🇧🇷 | Caesar2k | Delphi | Sep, 2007 |
| Poison Ivy 2.3.2 | Sweden 🇸🇪 | Shapeless | Delphi, MASM | Jan, 2008 |
| sharK 3.1 fwb++ | Germany 🇩🇪 | sNiper109, rockZ | Visual Basic 6 (VB6) | Mar, 2008 |
| Spy-Net 2.6 | Brazil 🇧🇷 | Raphael | Delphi | Oct, 2009 |
| DarkComet RAT 2.0 RC4 | France 🇫🇷 | DarkCoderSc | Delphi | Mar, 2010 |
| CyberGate 1.04.8 | United States 🇺🇸 | johnyk | Delphi | Apr, 2010 |
| Xtreme RAT 2.9 | Brazil 🇧🇷 | Raphael | Delphi | Jul, 2011 |
| DarkComet RAT 5.3.1 | France 🇫🇷 | DarkCoderSc | Delphi | Jun, 2012 |