Chapter 023: Accidental

Perhaps because Pang Jitong's exclamation had been so loud, once his voice died away the conference room seemed extraordinarily quiet.

In fact, everyone present shared Pang Jitong's sentiment. Collecting and analyzing keystroke logs was already enough to follow the device user's activity in real time, not to mention that this Trojan horse had also added the ability to intercept social media messages.

Because of this discovery, Fu Liangtao fell into deep thought.

Fu Liangtao's mind moved, and he asked again, "Is there anything else worth noting about this Trojan horse program? Or is that all there is to it?" Fu Liangtao's question broke the dead silence in the conference room.

"Of course." Luo Mengning said, raised his hand lightly, and swiped a few times on the tablet in his hand, and the other three received a request to synchronize the screen from the tablet. Once all three had approved the request, the tablet's screen was suddenly overrun with source code.

Luo Mengning then explained, "Generally speaking, the Trojan horses that we know of are disguised as other applications, right? The Trojan program I found in Li Bingde's mobile phone was incomplete: it still had its original function, but I couldn't find its original shell. Although the Trojan still works, there is no way to know what it was disguised as when it infected the phone.

"The important thing is that I also found a Trojan horse with similar functions in Zhou Muqing's mobile phone."

Hearing Luo Mengning's words, Fu Liangtao and Pang Jitong invariably sat up straight again, their bodies slightly inclined to Luo Mengning's direction, obviously attaching great importance to her next words.

Luo Mengning smiled when he saw this, his fingertips couldn't stop flying on the tablet, and said: "The Trojan horse program found in Zhou Muqing's mobile phone is the same as the Trojan horse program found in Li Bingde's mobile phone, except that it has been almost edited, it has no shell, and there is no way to understand the camouflage." This also meant that they would need to work a little harder to figure out how the attackers had tricked them into installing the Trojan.

Fu Liangtao and Pang Jitong's eyes met in the air. So Zhou Muqing's online harassment was no longer a matter of chasing after the wind.

"Is this because the Trojan remains on the user's mobile phone after the user deletes the app?" Fu Liangtao was concerned about how Li Bingde and Zhou Muqing had obtained this Trojan horse program.

Luo Mengning stopped the movement of his hand slightly, thought for a while, and then responded: "It can also be said that I have learned the details of the operation of the mobile phone system before and after the shell of the Trojan horse program was deleted through the log files in Li Bingde and Zhou Muqing's mobile phones. Until the forensics were collected for the mobile phones of the two people, the system time of the mobile phones of the two people had not been modified, and then I also confirmed that the system time was indeed correct, indicating that the time of the mobile phone system was correct during this period.

"However, paradoxically, in this way, according to the log records, the Trojan shells in the two mobile phones were deleted after the deaths of Li Bingde and Zhou Muqing."

After hearing this, Fu Liangtao nodded, and muttered, "It is indeed a paradox, from this point of view, someone deleted the shell of the Trojan horse program through the Trojan program. However, why does an attacker not modify the log file records when they have such a technology? Wouldn't that make the whole thing more subtle and imperceptible?

"If there are no log files, it will take a bit more trouble to determine when the Trojan shell was deleted. Is it because the other party doesn't think it's important? Or did the other party deliberately leave this clue?"

Pang Jitong gradually understood Fu Liangtao's question, and couldn't help but look at the whiteboard with the mind map. Next to the third box of the Li Bingde case, Fu Liangtao had written two annotations: "high-profile" and "insufficient technology?".

After Fu Liangtao asked the question, there was silence in the conference room, because everyone knew that Fu Liangtao was not really confused, but was inducing them to analyze the case.

After a while, Fu Liangtao asked again, "Ah Ning, what's the matter with these codes you showed us?"

Luo Mengning was obviously thinking about Fu Liangtao's question, and then he came back to his senses and responded, "The topic has changed, I really forgot about this..." After that, Luo Mengning raised his hand and swiped a few times on the tablet, and the other three saw the source code on the screen slide quickly, following Luo Mengning's movements, to a position marked by a red box. Luo Mengning continued, "If you look at it this way, it will be a little clearer."

Fu Liangtao and the others took a closer look, only to find that Luo Mengning was showing them two sets of source code side by side on the screen. "Let's take a look, the one on the left is the source code of the Trojan program found in Li Bingde's mobile phone, and the one on the right is in Zhou Muqing's mobile phone.

"In addition to adding the functions mentioned earlier, the person who modified the Trojan program also added this piece of code to the program. Because I don't know much about programming, I asked Feng Hongfang of Team D. According to Feng Hongfang's analysis, the purpose of this piece of code is to make it impossible for users to delete the Trojan horse manually, even if they restore the original factory settings."

"Doesn't this prove that the person who modifies the Trojan horse has an extraordinary level of technology?" Pang Jitong asked.

Luo Mengning lowered his eyes, flipped back a few pages of his notebook, and replied, "Yes, for the time being, the assessment of this person's skill level is moderate. Because the person who compiles the Trojan chooses to use the malicious software suite circulating on the Internet and then modify it, it is not certain whether the other party has the ability to write malicious software on their own, so it cannot be ruled out that the other party's technical level is actually higher than what we have evaluated.

"However, as you know, you can be sure that this man is not a script kiddie."

A script kiddie is a beginner among hackers who considers themselves a "hacker" and is complacent about the technology they have learned. These beginners usually do not have the skills to find system vulnerabilities and develop programs, and only use programs developed by others to launch attacks.

The definition of hacking has always been broad. It is so broad that even if you don't have any technical skill, as long as you know how to use your brain to obtain information that is otherwise unobtainable in a roundabout way, you can be called a hacker. Therefore, in the world of hackers, just like the rivers and lakes in martial arts novels, there are pyramid-like hacker groups composed of people with different skill levels.

The higher the level of technology, the higher the number of people.

Over the years, Fu Liangtao has handled countless cybercrime cases, and he knows very well that there are never many people who have the ability to modify malicious software code in this way. This did not circulate on the Internet, but instead became the unique identity of this Trojan program. The Trojan program found in Li Bingde and Zhou Muqing's mobile phones enabled them to eliminate most of the suspects at once.

At least, for this reason, Luo Xiaowen's suspicion has been greatly reduced.

But was it just a coincidence that the two Trojans had similar functions, similar edits, and the same code inserted to prevent removal?