DarkComet

DarkComet Description

DarkComet is a malware threat that has started to proliferate since the beginning of 2012. ESG security researchers have found that DarkComet is strongly associated with the conflict between political dissidents and the Syrian government. Basically, DarkComet is a full-fledged remote access Trojan (RAT), which allows a remote party to connect to the infected computer system and use it from afar. With full access to the victim's computer system, hackers can basically steal any information on the infected computer or use it for their own means. DarkComet uses a vulnerability in Skype, the popular online chat application, in order to spread. Whenever DarkComet's executable file runs, it connects to a server located in Syria from which DarkComet receives updates, instructions and the files DarkComet needs to take over the victim's computer system. ESG security analysts have associated this Syrian server's IP address to a range of IP addresses officially belonging to the Syrian government's agency for telecommunications. This raises suspicions connecting the Syrian government to the use of DarkComet to take out its oppositions' computer systems. One of the most characteristic features of the Arab Spring movement is the fact that they use online social networks and rely heavily on programs like Skype to communicate, it does not seem farfetched that the Syrian government would try to use malware to disrupt their opposition's activities. In fact, this is not something new; a branch of regime supporters known as the 'Syrian Electronic Army' has already been known to attempt to disrupt the opposition movement by attacking websites and Facebook pages associated with the Syrian opposition movement.

An Overview of a DarkComet Attack

DarkComet is not exclusive to the Syrian conflict and is a remote access Trojan that is widely available. Using DarkComet, an intruder can use the infected computer's webcam to take pictures and video, use the infected computer's microphone to eavesdrop on the victim and also take over the victim's computer system in order to steal data. DarkComet also is able to track keystrokes on the infected computer and allow criminals to transfer files into and out of the infected computer. With this level of control, the damage a hacker can do using DarkComet is unlimited. Through Skype chat, hackers spread files using a Facebook icon which actually contain executable files designed to install DarkComet on the infected computer system.

Infected with DarkComet? Scan Your PC

Download SpyHunter's Spyware Scanner
to Detect DarkComet
* SpyHunter's scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read more on SpyHunter. If you no longer wish to have SpyHunter installed on your computer, follow these steps to uninstall SpyHunter.

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

File System Details

DarkComet creates the following file(s):
# File Name Size MD5 Detection Count
1 file.exe 395,776 df99555ed03c85f24ee6ec5fa7f247f0 16

Related Posts

Site Disclaimer

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 12 + 4 ?