Pirated Windows 7 Builds Botnet with Trojan



    Posted: 12 May 2009
    Security researchers at Damballa report shutting down the command and control server of a botnet built by a Trojan bundled with pirated copies of Windows 7 RC. The Trojan is believed to have infected thousands of users.

    Attackers pushing pirated, malware-laced copies of Microsoft's upcoming Windows 7 operating system have been actively trying to build a botnet.
    According to researchers at Damballa, attackers hid a Trojan inside of pirated copies of the operating system and began circulating them on BitTorrent sites. Damballa reported that it shut down the botnet's command and control server May 10, but by that time infection rates had risen as high as 552 users per hour.

    "Since the pirated package was released on April 24th, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on May 10th," said Tripp Cox, vice president of engineering at Damballa.


    eweek
    Posted By: Airbot



  1. Posts : 1,003
    Win7 Ultimate x64 on Desktop / Win7 Ultimate x86 on laptop / Win7 x86 Starter on Netbook
       #1

    Thanks for the warning. Glad I waited for the official download. :)


  2. Posts : 6,885
    Windows 7 Ultimate x64, Mint 9
       #2

    LOL. Why?

    The RC is free..... Why are people so stupid?

    ~Lordbob


  3. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #3

    Well, it was what I tried to point out before, and I got a lot of back talk about people matching up hashes; there are ways around things in order to slip bugs into the various leaks. Earlier you saw the MS official warning about downloading from torrent sites. Now you see a strong one here about the RCs being polluted.

    And the 4/24 date sounds awful familiar doesn't it? Airbot

    Another sentence to add here is the start of the following paragraph in the article seen at the link there. "Targeting users through pirated software is nothing new for hackers." It makes far more sense to stay with the genuine article coming direct from Microsoft rather than thinking you are getting something still good elsewhere and to run into something like that.

    I just got pointed to another article on this seen at http://news.idg.no/cw/art.cfm?id=35B...22F341C24AC242


  4. Posts : 9,606
    Win7 Enterprise, Win7 x86 (Ult 7600), Win7 x64 Ult 7600, TechNet RTM on AMD x64 (2.8Ghz)
       #4

    The 4/24 date shows up in History as the leaked torrent date


  5. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #5

    Evidently the tampered with leak was uploaded on the same day it got out. For many it was late in the day or at night time when people started jumping on it at that time.


  6. Posts : 25
    Windows 7
       #6

    Has anybody identified or caught this trojan within their own operating system?
    I have seen lots of discussions but no obvious candidates. What are its characteristics?
    Are there no proprietary programs available to capture it?
    Keen to understand above the chatter

    best

    barney


  7. Posts : 20
    Windows 2000
       #7

    Perhaps it is possible to identify the exact source(s) of this infected Windows 7?

    I guess people were just over eager and tried to get their hands on first available new builds, and noticing new improvements over other builds somewhat blindsided them out on security issues.

    If it's not too much to ask, what are the manifestations of the malware, anyway?


  8. Posts : 8,375
    W7 Ultimate x64/W10 Pro x64/W11 Pro Triple Boot - Main PC W7 Remote PC Micro ATX W7 Pro x64/W11 Pro
       #8

    I never got any detailed description when being informed on prior occasions about some leaks having malware well hidden that the average user won't even notice. Those could be anything from adbots to keyloggers for gaining credit card and other information useful in identity theft as well as things that would suddenly see Windows crash for no apparent reason.

    The people planting bugs know how to write malware that is intended for a specific purpose. You can run a search all day and still not find where they get the tools for that however. From the article seen there like a few others lately the intent by hackers is to build a "botnet" or best known as an army of zombie home PCs where the users are unaware that their machines are infected. One reference for this is seen at What is botnet? - a definition from Whatis.com - see also: zombie army, bot network


  9. Posts : 990
    Windows 7 Home Premium x64
       #9

    At this point, stealing Win7 is like trying to do a dine-and-dash in a soup kitchen.

    Wat?


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.