Caught in the wild: an installer and ActiveX control for installing malware/fraudware


  • Caught in the wild: an installer and ActiveX control for installing malware/fraudware

    Here is a file that attempts to install "I don't know exactly what" but some type of fraudware.

    It was made with tools by this company

    http://www.componentone.com/

    It is being distributed by


    http://www.drweb.com/?lng=en



    This is a self-installing executable. Installs a nice bunch of .dll files etc.

    I contacted ComponentOne about the obvious abuse of the EULA and they basically came back with a mild attempt to discredit that observation. This file downloaded itself onto my machine "thankfully it wasn't running Windows" and I kept a copy. I had a look with a hex editor and lo and behold they left a copyright on the file. dumbass

    This was precipitated by visiting a webpage that attempted to run a virus scan on my machine.

    LOL, was amusing to watch it do its little dance in the browser.

    Anyways, here is the zipped executable. I would not under any circumstances unzip this file unless you're 100% sure your system will be unaffected. I know that Haiku is unbothered by this file and I bet a Wine-less Linux install would be OK as well.



    I may post this over at osnews.

    Microsoft will do nothing to block this ActiveX control.

  • #2
    http://www.filedump.net/index.php?pi...1296773278.zip

    file



    • #3
      http://www.filedump.net/dumped/thisi...1296773857.zip

      this is the correct link



      • #4
        Dude, you mean "that" sort of phish show, where you have your "files" checked online by "antivirus" (that is actually a Flash animation)?
        That joke is old, and I too enjoyed how it found 40 viruses in the "c:\windows\system32" folder of my Gentoo box.
        I once had malware on Wine though, via a no-CD for NOLF2 (which I legally own). Did nothing more than adding some 16K %random%.exe gibberish in every rar/zip archive of my text library. Probably tried to find .exe's, failed lol.



        • #5
          And I know one webpage (actually a trap) that can bring even Linux down via heavy JS bombardment. NoScript is a must. Should not work that dramatically on the latest kernels with cgroups patches though.



          • #6
            Originally posted by crazycheese
            And I know one webpage (actually a trap) that can bring even Linux down via heavy JS bombardment. NoScript is a must. Should not work that dramatically on the latest kernels with cgroups patches though.
            What's the link to that webpage?
