Talk:DarkComet

Plagiarized section on Miss Teen America incident

Prior to my edit (https://en.wikipedia.org/w/index.php?title=DarkComet&oldid=702155596), this article contained a direct copy/paste (ref'd but not quoted) from the Ars Technica source. I cannot rewrite it at this time, so I removed the content for now.

Miss Teen America

The sextortionist who snapped nude pictures of Miss Teen USA Cassidy Wolf through her laptop's webcam has been found and arrested, the FBI revealed yesterday. 19-year old Jared James Abrahams, a California computer science student who went by the online handle "cutefuzzypuppy," had as many as 150 "slave" computers under his control during the height of his webcam spying in 2012.

Watching all of those webcams to see when a young woman changes her clothes takes a serious time commitment, and Abrahams made one; he "was always at his computer," according to the FBI complaint against him. Abrahams turned himself in after the complaint was unsealed, and a federal judge released him on a $50,000 bond.^[1]

korbnep «talk» 20:30, 28 January 2016 (UTC)

References

1. Anderson, Nate. "How the FBI found Miss Teen USA's webcam spy". Arstechnica.

Detection

Under the "Detection" heading i think it would be a good addition to add other ways of how this R.A.T can be combated. Maybe possible ways of how to spot these Trojans, or how a user of this program can make it more undetectable with the use of encryption programs.

Mkmkiser (talk) 16:55, 25 January 2017 (UTC)

Wrong informations

Hello,

As the genuine author of DarkComet RAT I would like to mention that a funny guy always edit the page and placing wrong informations.

DarkComet RAT is not from united kingdom but from France > Check your sources ex: https://www.wired.com/2012/07/dark-comet-syrian-spy-tool/

DarkComet RAT official website is not darkcomet.net but darkcomet-rat.com

darkcomet.net is a fake website hosted by a UK guy who try to sell a backdoored copy of darkcomet, by keeping this fake link as website is dangerous for your readers.

Wikipedia moderators should definitely do something against that.

Thanks in advance

JPL — Preceding unsigned comment added by PhrozenSAS (talk • contribs) 10:35, 22 August 2017 (UTC)

I do not understand the obsession behind "official source" and unofficial source. However, upon visiting darkcomet-rat.com (with a sandboxed browser, because this is an claimed malware tool), it is determined that the original author ceased production and claims any other website is fake. I am inclined to believe the original author. Indeed, whois data for darkcomet-rat.com and darkcomet.net shows that the former was registered in 2009, and darkcomet.net only showed up April of 2017. I have reverted an edit that attempted to link to the future website. If that IP editor wishes to come to this talk page and dispute this, then they are welcome to. Tutelary (talk) 03:30, 12 December 2017 (UTC)

Dark comet main descriptor should be corrected

Dark comet is itself not malware nor remote access trojan. It is a remote administration/access tool. The use may be malicious but the software itself is not malicious. Much like torrenting software may be used in malicious/illegal ways but the software itself is neutral. — Preceding unsigned comment added by FreePancakes (talk • contribs) 19:21, 12 February 2018 (UTC)

Someone is modifying the page for spreading Malware

Someone is modifying this source page to spread Malware through a fake website (phishing website)

The official website is http://www.darkcomet-rat.com/

The script kiddy behind this mass edit is using his phishing website http://www.darkcometrat.com/ (without the -) to attract readers from Wikipedia to his website for spreading and infecting readers with Malware.

This page should be locked for that reason.

 Not done @PhrozenSAS: to request page protection please see WP:RFPP. — xaosflux ^Talk 15:17, 7 August 2018 (UTC)

Semi-protected edit request on 19 September 2020

I really disagree with the first sentence straight up calling it a trojan. There's lots of legitimate functions for it. HOWEVER, I do recognize that it is used for that purpose a lot. So maybe the second sentence or something can mention that, but labelling the whole thing a trojan is jumping the gun a bit. Especially when the hyperlink redirects to "Remote access software". 24.60.59.171 (talk) 01:10, 19 September 2020 (UTC) 24.60.59.171 (talk) 01:10, 19 September 2020 (UTC)

 Not done: please provide reliable sources that support the change you want to be made. Eggishorn (talk) (contrib) 21:30, 19 September 2020 (UTC)

It's a remote administrative tool. https://en.wikipedia.org/wiki/Remote_desktop_software <----- as you can see, DarkComet is referenced at the bottom. Here's your sources, pal. https://web.archive.org/web/20140426053741/http://www.contextis.com/research/blog/malware-analysis-dark-comet-rat/ and Denbow, Shawn. "pest control: taming the rats"... But you probably don't think these are reliable sources, so I don't know what to tell you. Google DarkComet. It's called a RAT on every website that hasn't blatantly copied Wikipedia's definition of it. Which is really embarrassing for Wikipedia.

I don't feel at all embarrassed but you're correct about my assessment of those sources. Wikipedia articles are not reliable sources for other Wikipedia articles. The old Contextis site clearly identifies DarkComet as a piece of malware delivered as a package inside other software i.e., a trojan. Without a cite no-one can evaluate Denbow. Eggishorn (talk) (contrib) 04:56, 25 September 2020 (UTC)

Yeah, well that's the difference from a trojan. You download DarkComet, which is a Remote Administrator Tool, trojan-free, and you can make a STUB to have the other person download. That stub.exe could conceivably be called a trojan, but the program as a whole is not. Also, calling something a "trojan" sort of implies malintent, doesn't it? 2601:18E:101:5FC0:11D9:74EA:7AAD:90AB (talk) 03:24, 27 October 2020 (UTC)

Semi-protected edit request on 23 February 2021 (2)

Remove "now defunct" from "Official Website" in "External links", because the website is currently alive. XLinkOut (talk) 14:45, 23 February 2021 (UTC)

 Not done: The tool is still defunct. At the moment, it is just a jump page to the developer's social media profiles. – robertsky (talk) 18:36, 23 February 2021 (UTC)

Semi-protected edit request on 5 February 2024

I possess further details and narrative elements to add to this article. MalzFan (talk) 10:54, 5 February 2024 (UTC)

 Not done: it's not clear what changes you want to be made. Please mention the specific changes in a "change X to Y" format and provide a reliable source if appropriate. Liu1126 (talk) 15:02, 5 February 2024 (UTC)