Dear ladies and gentlemen,
we start the year 2021 strong with a major update of Remcos.
This update introduces several improvements.

A big focus has gone to connection security and performance.
Until now, Remcos has been traditionally using a simple symmetric RC4 encryption with a static key to secure communications.

Starting with v3.0, Remcos is now using TLS v1.3 to secure any session between Controller and Agents.
The TLS protocol is much more secure, and should make transmitted data practically impossible to decipher.
The implemented TLS protocol uses AES-128 for symmetric encryption (instead of formerly used RC4) and Elliptic curve Diffie–Hellman Ephemeral (ECDHE)  for asymmetric encryption and session key exchange.

Dynamic Encryption Key: The AES-128 key is generated randomly on each connection.
Each time Remcos Controller and Agent reconnect,
AES encryption will always be different, always using a different random key.

Forward Secrecy: By generating a unique session key for every connection,
even if your connection password or keys get compromised,
it won’t be possible to decrypt past data.
In addition to that,
the compromise of a single session key will not affect any other session.

Mutual Authentication: Remcos Controller and Agent authenticate each other
using TLS certificates.
This prevents man-in-the-middle attacks,
taking unauthorized control of your Agents,
and making malicious connections to your Controller.

Integrity Check: An integrity check is performed on each message to ensure it wasn’t altered or manipulated.

The improvements in Remcos v3.0 go well over the Connection.
Some simple yet useful GUI improvements have been added.
For example, now it is possible to view the last happened event directly on the Remcos bottom statusbar, without having to check the Event Log.

Now, when an Agent gets abruptly closed and restarted by the Watchdog Protection Module, you get a notification for that too

Also the File Manager has been improved.
Now it supports the transfer of huge files of any size,
and the code has been vastly rewritten and optimized to favor performance and low resource usage.

The entire Remcos agent has been recompiled with a much more modern compiler, and its code has been optimized to be faster.

Here is a more detailed list of changes:

  • [+] [Connection] Your Remcos connection is now secured by TLS 1.3, the latest standard in communications security.
    TLS v1.3 provides excellent security and performance.
    You can find more info on the implemented TLS security by clicking the “About Connection Security” button in Remcos -> Local Settings -> Connection
    You can read here more about TLS protocol and the new TLS v1.3.
  • [+] [Connection] Symmetrical Encryption Algorithm used to encrypt transmitted data is now AES-128 (no more RC4).
    AES-128 is a much stronger cipher compared to RC4.
  • [+] [Connection] The encryption key for connection is now dynamic!
    Each time Remcos Controller and Agent reconnect,
    AES encryption will always be using a different, random key.
  • [+] [Connection] TLS Mutual Authentication:
    Remcos Controller and Agent authenticate each other by using TLS certificates.
    Prevents man-in-the-middle attacks,
    taking unauthorized control of your Agents,
    or making malicious connections to your Controller.
  • [*] [Connection] Solved problem of packet loss in certain cases, usually happening when some packets were sent very fast
  • [*] [Connection] Fixed Agent disconnect/reconnect sporadic issue when KeepAlive active
  • [*] [Optimization] Agent has been compiled with a much more modern compiler, and code has been optimized to be faster
  • [+] [GUI] Added “last event” on statusbar
  • [+] [GUI] Added statusbar icons
  • [*] [GUI] Improved and updated tips on InfoButtons
  • [+] [GUI] Agent window (in visible mode) now displays if using Secure (TLS) or Insecure connection
  • [*] [GUI] Various other small improvements on Agent window
  • [*] [GUI] Agent icon is now higher resolution
  • [+] [Control Center] now connection security is being displayed
  • [*] [Control Center] Fixed full system info txt not opening when clicking “View full system info” button
  • [+] [Watchdog] Now you get a notification in the Event Log and Status Bar once an Agent has been restarted by Watchdog
  • [*] [File Manager] Now File Manager supports the transfer of huge files (over 4 GB). It is now possible to effortlessly upload and download files of any dimension.
  • [*] [File Manager] Optimizations to transfer huge files using low RAM amount
  • [*] [File Manager] Fixed wrong size displayed in File Transfer for files over 4 GB
  • [*] [File Manager] Other minor optimizations and improvements
  • [*] [File Search] Fixed size not displayed for files bigger then 4 GB
  • [*] [Keylogger] Online Keylogger now has dedicated socket for faster performance and better safety (random, dynamic AES-128 key is generated for Keylogger connection)
  • [*] [Dll Loader] Download from URL mode now accepts URLs with Unicode chars
  • [*] [Window Manager] Removed flickering
  • [*] [Restart Agent] fixed issue of not all agents restarting when sending the Restart command simultaneously to multiple agents installed on the same system
  • [*] [Uninstall Agent] fixed issue of not deleting agent file from disk on some agents, when sending the Uninstall command simultaneously to multiple agents installed on the same system
  • [+] [BlackList IP] Now possible to execute this function on multiple hosts at the same time
  • [+] [Open Local Downloads Folder] Now possible to execute this function on multiple hosts at the same time
  • [*] Other minor fixes and improvements
  • [!] Older Remcos Agents (v2.x) are NOT compatible with the v3.0 Controller.
    Update your v2.x Agents to v3.0 to use them with v3.0.
    To update them, build a v3.0 Agent, then use v2 Controller to upload and execute the new Agents.

Enjoy!
If you have any comments or feedback, we appreciate if you leave it here or on our forum.

Best regards

You must be logged in to post a comment.
Menu