Review of jSpy a RAT from jSpy.net
Review of jSpy
Current version: 0.33
Developer URL: http://www.jspy.net/jspy/
Remote administrating tools with features such as webcam capture is nothing else then what earlier was named as trojans.
We decided to check out jSpy just because the developer states that no buyers must write anything bad about it in public.
Features
Features | jSpy |
---|---|
100% Fully Undetectable! You do not have to worry about security software blocking jSpy from running on your clients thus you do not have to spend extra money on a crypter! |
✔ |
Surveillance control, including but not limited to screen and webcam monitoring, and an advanced keylogger. |
✔ |
File manager allowing you to save, delete and start any file. | ✔ |
Full plugin access, add any feature you want. | ✔ |
Networking control, including but not limited to opening websites, downloading and executing and stress testing. |
✔ |
100% Fully undetectable
- It is undetectable if the developer would be quick with updating the stub. However, from our experience updates has taken way to long time, even when different users has reported this to the developer.
- We tested version 0,32 before version 0,33 was released and it was detected by both Avast and Norton.
- The Client is copied into $HOME. The jar file is not even hidden.
Immune to being blocked from security softwares
- Our client application asks for permission to connect on all platforms. E.g. blocked by “Little snitch”.
Keylogger
- Missing key presses.
- Does not support multiple languages. E.g. nothing useful got into log’s when trying on a computer with Greece language.
- The log from the key-logger; is saved on the client computer in the “home dir”. Path & name of log file can not be changed.
- It saves empty log files.
File manager
- Hard to use (Very bad UI)
- Can only download one file a the time.
- Download takes forever even locally, it’s simply a very bad implementation.
Screen monitoring
The screen monitoring “feature” causing our client Jar to crash and never reconnect (until reboot) on Windows 7.
Webcam monitoring
- We have tested it on Mac, Windows and Linux and we never got it to work.
- It does not support microphone which many users has expected and requested.
Conclusion, this is a very bad implementation of: https://github.com/sarxos/webcam-capture*
* The developer also forgot to mention that he borrowed this code, as stated in the MIT License.
Server
- Can’t remember which port your listening to.
- Connects to website every time and prints the version. This is a potential risk since the data is never verified, e.g. if the content of http://jspy.net/jspy/version.txt changes, everything from application crashes to process injection is possible.
- Exposing your IP-address etc. when it requires you to login before use. The day jspy.net is not renewed you will not be able to use the application anymore.
Other
- The entire app contains more try, catch blocks (usually a very bad sign) then code written by the developer himself.
- Developer claims that it’s platform independent. However, we found operating system specific code inside the application. E.g. the application runs uname and checks if it matching Debian to handle autostart.
- The client application does not always run and when building on windows we could not run it on mac sometimes.
- We have experienced in some cases, that the application does not start up if the computer is put into “sleep”.
- After uninstalling the server we have experienced that it continues to start after run.
Support
- The developer has stated that support is given on Skype and mail.
- However, from talk with the different buyers no one has got support on Skype.
- The buyers we have been in contact with, state that the support is under all critic.
I regret purchasing this so bad.
Source: http://www.hackforums.net/showthread.php?tid=4322875&pid=43227518#pid43227518
Conclusion
After our review of jSpy, the application gets 1/10 and a recommendation to not buy.
Do you have good or bad experience from jSpy? Please send us a email :–)