: Tracking keystrokes to steal sensitive information like passwords and credit card details.
Most samples use for beaconing, but some variants support TCP raw sockets. The typical beacon interval is configurable (default: 10-30 seconds). xworm 3.1
It is critical to note that distributing, possessing with intent to use, or deploying XWorm 3.1 against systems without explicit written authorization is a felony under the Computer Fraud and Abuse Act (CFAA) in the US and similar legislation globally (e.g., UK's Computer Misuse Act). Security researchers should only analyze XWorm 3.1 in controlled, isolated lab environments. : Tracking keystrokes to steal sensitive information like
: Avoid using administrative accounts for daily tasks to limit the impact of a potential breach. Audit Network Traffic possessing with intent to use
2019.03.03 : Remote parametrization option added
2018.11.24 : ODX-Database updated to support new 2019 models
2018.04.25 : ODX-Database updated to support newest 2018 models
2018.04.13 : Support for Touareg 2018 (MLB-evo) added
2018.04.01 : Web-Application redesigned completely
2017.12.24 : VideoInMotion (VIM) unlock for models < 2018 added (up to 70km/h)
2017.12.07 : Support for Audi Q5 (FY0) added
1st: Quick and dirty video with app in action: HERE
On video we coded laptimer in 2016 Audi S4 8W. Web Application ran on server located about 1200 kilometers away from a tablet with DoIP client. Internal MIB2 Wifi Access Point was used.
2nd: Remote disable StartStop by iPhone: HERE
3rd: Remote rearview Camera parametrization: HERE
4th: Remote Seat Belt warning disable using new VCP-BT interface and Android client.