| Windows 7: Pirated Windows 7 Builds Botnet with Trojan |
12 May 2009
|
#1 | | Windows 7 Ultimate x64 SP1 |
Pirated Windows 7 Builds Botnet with Trojan
Quote: Security researchers at Damballa report shutting down the command and control server of a botnet built by a Trojan bundled with pirated copies of Windows 7 RC. The Trojan is believed to have infected thousands of users.
Attackers pushing pirated, malware-laced copies of Microsoft's upcoming Windows 7 operating system have been actively trying to build a botnet.
According to researchers at Damballa, attackers hid a Trojan inside of pirated copies of the operating system and began circulating them on BitTorrent sites. Damballa reported that it shut down the botnet's command and control server May 10, but by that time infection rates had risen as high as 552 users per hour.
"Since the pirated package was released on April 24th, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on May 10th," said Tripp Cox, vice president of engineering at Damballa. eweek | My System Specs |
12 May 2009
|
#2 | | Win7 Ultimate x64 on Desktop / Win7 Ultimate x86 on laptop / Win7 x86 Starter on Netbook UK |
Thanks for the warning. Glad I waited for the official download.
12 May 2009
|
#3 | | Windows 7 Ultimate x64, Mint 9 In the Crust |
LOL. Why?
The RC is free..... Why are people so stupid?
~Lordbob
13 May 2009
|
#4 | | Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
Well, it was what I tried to point out before and got a lot of back talk about people matching up hashes: there are ways around things in order to slip bugs into the various leaks. Earlier you saw the MS official warning about downloading from torrent sites. Now you see a strong one here about the RCs being polluted.
And the 4/24 date sounds awful familiar doesn't it? Airbot
Another sentence to add here is the start of the following paragraph in the article seen at the link there. "Targeting users through pirated software is nothing new for hackers." It makes far more sense to stay with the genuine article coming direct from Microsoft rather than thinking you are getting something still good elsewhere and to run into something like that.
I just got pointed to another article on this seen at http://news.idg.no/cw/art.cfm?id=35B...22F341C24AC242
13 May 2009
|
#5 | | Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz) SomeWhere in the HOT Arizona Desert ! |
The 4/24 date shows up in History as the leaked torrent date
13 May 2009
|
#6 | | Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
Evidently the tampered with leak was uploaded on the same day it got out. For many it was late in the day or at night time when people started jumping on it at that time.
13 May 2009
|
#7 | | |
Has anybody identified or caught this trojan within their own operating system?
I have seen lots of discussions but no obvious candidates, what are its characteristics?
Are there no proprietary programs available to capture it?
Keen to understand above the chatter
best
barney
13 May 2009
|
#8 | | |
Perhaps it is possible to identify the exact source(s) of this infected Windows 7?
I guess people were just over eager and tried to get their hands on first available new builds, and noticing new improvements over other builds somewhat blindsided them out on security issues.
If it's not too much to ask, what are the manifestations of the malware, anyway?
13 May 2009
|
#9 | | Windows 7 Ultimate x64, XP Mode, W8 RP VM, Linux Mint Debian 2nd OS HD- 7 Pro x64 second case New England |
I never got any detailed description when being informed on prior occasions about some leaks having malwares well hidden that the average user won't even notice. Those could be anything from adbots to keyloggers for gaining credit card and other information useful in identity theft as well as things that would suddenly see Windows crash for no apparent reason.
The people planting bugs know how to write malwares that are intended for a specific purpose. You can run a search all day and still not find where they get the tools for that however. From the article seen there like a few others lately the intent by hackers is to build a "botnet" or best known as an army of zombie home pcs where the users are unaware that their machines are infected. One reference for this is seen at What is botnet? - a definition from Whatis.com - see also: zombie army, bot network
13 May 2009
|
#10 | | Windows 7 Home Premium x64 7600 [MSDN] Los Angeles |
At this point, stealing Windows 7 is like trying to do a dine-and-dash in a soup kitchen.
Wat?