I checked out the source code to the RootKit "Zuess"
It could do that and much more..
This was no keylogger.. it was a professional rootkit system
that was sold privately i was told for $10,000 (later leaked out)
The code on it is seriously impressive !
This is one HUUUUUUUUUUGE massive project.. LOTS of code written.
I got the code still somewhere (i used to collect code leaks)
I have all kinds from Valve Games / Steam to Kasperky to Norton AV's to WIndows 2000
Anyway Google Rootkit
It *could* have been that.
And Google "Sub7 Trojan"
It could do that and much more..
This was no keylogger.. it was a professional rootkit system
that was sold privately i was told for $10,000 (later leaked out)
The code on it is seriously impressive !
This is one HUUUUUUUUUUGE massive project.. LOTS of code written.
I got the code still somewhere (i used to collect code leaks)
I have all kinds from Valve Games / Steam to Kasperky to Norton AV's to WIndows 2000
Anyway Google Rootkit
It *could* have been that.
And Google "Sub7 Trojan"
I have read of that Sub7 which is very old but already did a good part of what it is needed to get a remote desktop: it sends desktop screenshots to the controller, so that he can view the desktop in real time if 5-10 screenshots a second are sent
The only thing it needs is the ability to receive mouse and keyboard commands , and there you have a handy remote desktop.
That should be easy for today's trojans, if even Sub7 in the early 2000 was already near that.
But maybe it is not a so desired feature because it lets the victim spot the malware easily, while it is better to remain hidden and do your business
For example for doing click fraud activities, is it necessary to have remote desktop control? I think it isn't , just use the bot as a proxy or VPN server.
