June 16th, 2005, 10:35 PM
Bit Torrent targeted
Trolling around [again]
found these details re :- Bit Torrent
BitTorrent, the beloved file-sharing client and protocol that provides a way around bandwidth bottlenecks, has become the newest distribution vehicle for adware/spyware bundles.
"This is the marketing campaign to end all marketing campaigns," said Boyd, the Microsoft Security MVP (most valuable professional) known throughout the security industry by the "Paperghost" moniker.
Is this the end of Bit Torrent ?
Boyd said he got the first inkling that BitTorrent was a major adware distribution vehicle while searching for the source of Direct Revenue's Aurora, an adware program that includes the prevalent "nail.exe" component. Sifting through mountains of HijackThis logs posted on security forums, Boyd said the answer was staring him in the face. (HijackThis is a popular freeware spyware removal tool that keeps detailed logs of Windows PC scans).
In the logs, he found that "nail.exe" and "aurora.exe" were always listed alongside "btdownloadgui.exe," the user interface that downloads/uploads when using BitTorrent.
"I checked hundreds of those logs, and more often than not, [btdownloadgui.exe] was chugging away in the background. No wonder none of the victims (or spyware experts) seemed to know what site Aurora was coming from—there was no site. It would have never occurred to the end users that it could have crept in by another means altogether," he said.
link to comments on this
Anybody who has any sensitivity to security could tell you BitTorrent is inherently insecure. Besides most of the traffic is illicit even though RCIAA and MPA haven't figured out how to deal with it. My suggestion is if you don't want to get sued stay away, or don't if you want to be a knucklehead.
And in there, found the link to just WHY Kazaa is SO well loved
Computer Associates International Inc. has launched a list of the worst spyware threats as part of a new program to combat unwanted software "pests." At the top of that list: the peer-to-peer application Kazaa.
Doesn't look good until you see GAMESPY Arcade !!!!!!!!!!!!!!!
Kazaa has a high "clot factor" of 50, a measurement of how many registry entries, files and directories an application adds. The higher the clot factor, the more difficult a pest is to remove.
The highest clot factor in the top five is GameSpy Arcade, at 128
55 - I'm fiftyfeckinfive and STILL no wiser,
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
June 17th, 2005, 01:04 AM
Been using Bittorrent for over a year, no malware detected as yet.
As for," is this the end"..................I don't think so. Its far to usefull for legitamate content providers. It will just adapt and change.
The BBC are already looking at the technology to distribute there own content via an adaptation of BT.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
June 17th, 2005, 01:16 AM
Doesn't bittorrent provide MD5-sum checking ? I know if you posted a spywre laced app on bittorrent, the MD5 sum would include that, but wouldn't you need a fresh version of the app? Not downloaded from a torrent ?
The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare
June 17th, 2005, 04:48 AM
All this is is a marketing group putting its mal/spyware in a torrent and upping it to a public server, big deal , although marketingmetrix (the perpetrators) got defaced,
http://www.marketingmetrixgroup.com/ all day its been defaced , go Fatal Error , heheheheh
Do unto others as you would have them do unto you.
The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
-- true colors revealed, a brown shirt and jackboots
June 17th, 2005, 08:12 AM
How is this any different then all those other ftp/http downloads that have malware/virusses in them instead of what you wanted or both.
Why do they have to make a fuss out of it now ?
Since the beginning of time, Man has searched for the answers to the big questions: \'How did we get here?\' \'Is there life after death?\' \'Are we alone?\' But today, in this very theatre, you will be asked to answer the biggest question of them all...WHO LIVES IN A PINEAPPLE UNDER THE SEA?
June 17th, 2005, 10:03 AM
wasnt "exeem", a bittorrent/kazzaa hybred, laced with spyware.. as well it runs the btdownloadgui.exe.. mind I hear it is dead in the water..
I use BT for my d/l's of linux distro's- well those I cant get un metered via my ISP.... hmmm reminds me Fedora core 4 is now there
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
June 17th, 2005, 01:37 PM
This is a typical FUD. Its just a BS. "Official BT" client has no malware.
Of course if you go to BT network to download "MS Office 2009" you deserve to be infected.
They are trying to mix in the same **** the pirates and all other users that transfers files thru BT (such as *nix distros).
Since they are loosing the battle against the "BT & ED2K pirates" they are trying to scare everybody with "if you use a p2p software, you can be arrested. Its illegal".
FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
If I die before I sleep, I pray the Lord my soul to encrypt.
If I die before I wake, I pray the Lord my soul to brake.
June 17th, 2005, 03:24 PM
I haven't gotten any spyware from any BT client EXCEPT for from Exeem.
I just wanted to try that out anyway... I liked that they had all the torrents cataloged and you could just search for them. Then you could post comments about the torrent... etc. That turend out to be a waste of time anyway... took a half hour to hour to download the friggin catalog... not to mention refreshes...
I'm not quite sure I understand what they are trying to say... Bittorrent Clients are coming with spyware/adware? Or, adware/spyware are being distributed via the bittorrent protocol?
If spyware is being distributed via torrent... its simple. Only download legit torrents. If you're downloading warez or movies or music or pr0n... then it serves you right. That is no different from other p2p networks.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
June 18th, 2005, 12:14 AM
This isn't about an infected bittorrent client.
It's about downloading an executable file through BT, and installing it. (One reason why uploaders of rar files are frowned upon on BT trackers) And then being flooded by spyware and other nasties for being so senseless to try such a dangerous thing, especially since this article addresses spyware that requires you to accept an agreement from MMG before it installs itself.
See http://www.vitalsecurity.org/2005/06...d-and-175.html for the article that article talks about.