Thread: Caught in the wild: an installer and ActiveX control for installing malware/fraudware

  1. #1
    Join Date
    Jan 2011
    Posts
    220

    Caught in the wild: an installer and ActiveX control for installing malware/fraudware

    Here is a file that attempts to install "I don't know exactly what", but some type of fraudware.

    It was made with tools by this company

    http://www.componentone.com/

    It is being distributed by


    http://www.drweb.com/?lng=en



    This is a self-installing executable. Installs a nice bunch of .dll files etc.

    I contacted ComponentOne about the obvious abuse of the EULA and they basically came back with a mild attempt to discredit that observation. This file downloaded itself onto my machine "thankfully it wasn't running Windows" and I kept a copy. I had a look with a hex editor and, lo and behold, they left a copyright on the file. Dumbass.

    This was precipitated by visiting a webpage that attempted to run a virus scan on my machine.

    LOL, was amusing to watch it do its little dance in the browser.

    Anyways, here is the zipped executable. I would not under any circumstances unzip this file unless you're 100% sure your system will be unaffected. I know that Haiku is unbothered by this file and I bet a wineless Linux install would be OK as well.



    I may post this over at osnews.

    Microsoft will do nothing to block this ActiveX control.

  2. #2
    Join Date
    Jan 2011
    Posts
    220

  3. #3
    Join Date
    Jan 2011
    Posts
    220

  4. #4
    Join Date
    Apr 2010
    Posts
    1,946

    Dude, you mean "that" sort of phish show, where you have your "files" checked online by "antivirus" (that is actually a Flash animation)?
    That joke is old, and I too enjoyed how it found 40 viruses in the "c:\windows\system32" folder of my Gentoo box.
    I once had malware on Wine though, via a nocd for nolf2 (which I legally own). Did nothing more than add some 16K %random%.exe gibberish to every rar/zip archive of my text library. Probably tried to find .exe's, failed lol.

  5. #5
    Join Date
    Apr 2010
    Posts
    1,946

    And I know one webpage (actually a trap) that can bring even Linux down via heavy JS bombardment. NoScript is a must. Should not work that dramatically on the latest kernels with cgroups patches though.

  6. #6
    Join Date
    Jan 2011
    Posts
    220

    Originally posted by crazycheese:
    And I know one webpage (actually a trap) that can bring even Linux down via heavy JS bombardment. NoScript is a must. Should not work that dramatically on the latest kernels with cgroups patches though.

    What's the link to that webpage?
