Trojan @ MindSay

Had it

OK, I’m sick and tired to be sick and tired.  What is with this mindsay wiki page?  What is a wiki page?  I figured it would just be some kind of weird link to your own page on wikipedia.com.  Guess what?  It isn’t.  It looks like some stupid extended profile bull that mindsay uses to sell ads.  Well I won’t put anything worth advertising on my wiki page out of spite.  Spite!  This is very similar to how I don’t put anything in my blog worth reading, except I cannot do anything to help myself in that department. But seriously, I don’t know what this wiki business is all about and I really don’t like it.  This is because a) I’m not down with learning anything new as it pertains to my ramblings here and b) because I am getting spam on this thing.  Spam messages from fake accounts saying they saw your profile and want to be friends.  What the hell?  I don’t want this crap on mindsay.  I already have a myspace account that I have never used and never will but get fake friend requests all the time.  I hate that kind of thing.  Notice to anyone who likes to fancy themselves a hacker:  don’t ever come up to me and say something to the effect of “I create spyware” or “I made that I love you virus a few years back.”  You would be in a pool of bodily fluids faster than your little Trojan virus can macro the words that you have no penis.  People who spend their time facelessly creating crap that has no use are basically doing so as an extension of their entire lives.  They are completely useless, and we would all be better off if you did not exist just to be a nuisance.  Imagine if your sole quality in life is being a nuisance.  Well that is the existence of the mosquito and the hacker.  Way to go people.


Also of note if you are a hacker, or whatever they call you useless pieces of trash: If your creation is referred to as "spam", you know you are a complete waste of a life. 

New Trojan virus to watch for

I will never understand why people waste their time developing viruses for computers!

Trojan.Peacomm: Building a Peer-to-Peer Botnet

Symantec Security Response has seen some moderate spamming of a new Trojan horse. The threat arrived in an email with an empty body and a variety of subjects such as:

A killer at 11, he's free at 21 and kill again!
U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
British Muslims Genocide
Naked teens attack home director.
230 dead as storm batters Europe.
Re: Your text

The attachments may have any of the following filenames:
FullVideo.exe
Full Story.exe
Video.exe
Read More.exe
FullClip.exe

The attachment is not a video clip, but a Trojan horse program, which Symantec heuristic technology already detected as Trojan.Packed.8. Today's LiveUpdate definitions detect it as Trojan.Peacomm. Users of Symantec’s Brightmail Anti-Spam are also protected from this spam email.

The executable drops a system driver (wincom32.sys, also detected as Trojan.Peacomm), which injects some payload and hidden threads directly into the services.exe process, using a sophisticated technique similar to Rustock (see Mimi Hoang’s blog and Elia Florio’s blog). However, in spite of its name, wincom32.sys driver is not a "real" rootkit as it does not hide its presence or its registry keys in the system.

Once the computer is infected, Trojan.Peacomm attempts to establish peer-to-peer communication on UDP port 4000 with a small list of IP addresses, in order to download and execute more malicious files. If you use a personal firewall with egress filtering, you will be notified that the services.exe process is attempting to connect to a remote address on this port. Symantec’s Threat Management System shows a spike in traffic for UDP port 4000:

[Image: udp-4000.jpg, Threat Management System traffic spike for UDP port 4000]

When it manages to connect to any of these initial IP addresses, it receives a list of additional IP addresses of infected machines and adds them to its list of available peers, building up a distributed network to aid in the download of more malware. The Trojan also keeps a "blacklist" of unsuitable peers. Part of this encrypted P2P configuration is stored in a file peers.ini in the %System% folder.

Currently the malware being downloaded is as follows:

game0.exe: A downloader + rootkit component – detected as Trojan.Abwiz.F
game1.exe: Proxy Mail Relay for spam which opens port TCP 25 on the infected machine – detected as W32.Mixor.Q@mm
game2.exe: Mail Harvester which gathers mail addresses on the machine and posts them as 1.JPG to a remote server – detected as W32.Mixor.Q@mm
game3.exe: W32.Mixor.Q@mm
game4.exe: It contacts a C&C server to download some configuration file – detected as W32.Mixor.Q@mm

From a malware writer’s point of view, this strategy of using peer-to-peer communication presents clear advantages over the traditional botnet method of one (or a few) Command & Control server(s). First and foremost, it minimizes the chances of losing the botnet if you "cut the head" by bringing down the C&C server or redirecting the traffic. It also helps spread the load that such downloads would impose on a single server.

You are advised to update your products to the latest available security updates from Symantec. We also recommend following the safe computing practices and exercising caution when opening emails.

Posted by Amado Hidalgo on January 19, 2007 10:00 AM
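
As an added example (not part of the Symantec post or the blog), the two observable indicators described above turned into a small Python check: lure attachment filenames from the list, and services.exe sending UDP to port 4000 for the P2P bootstrap. The firewall log format, addresses and timestamps below are constructed assumptions, not real logs.

```python
# Added example: detect the two indicators the Symantec post describes.
# The log format, IP addresses and timestamps are constructed for this example.
import re
from collections import namedtuple

# Lure attachment names listed in the post (compared case-insensitively).
ATTACHMENT_NAMES = {"fullvideo.exe", "full story.exe", "video.exe",
                    "read more.exe", "fullclip.exe"}
P2P_PORT = 4000  # UDP port used for peer bootstrap, per the post

# Constructed sample egress-firewall log lines (hypothetical format).
FIREWALL_LOG = """\
2007-01-19 10:01:02 ALLOW udp C:\\WINDOWS\\system32\\services.exe 192.0.2.10:1045 -> 198.51.100.7:4000
2007-01-19 10:01:05 ALLOW tcp C:\\Program Files\\Mozilla Firefox\\firefox.exe 192.0.2.10:1046 -> 198.51.100.20:80
2007-01-19 10:01:09 ALLOW udp C:\\WINDOWS\\system32\\services.exe 192.0.2.10:1045 -> 203.0.113.4:4000
2007-01-19 10:02:00 ALLOW udp C:\\WINDOWS\\system32\\svchost.exe 192.0.2.10:1047 -> 198.51.100.53:53
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<action>\w+) (?P<proto>\w+) (?P<proc>.+?) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$")

Alert = namedtuple("Alert", "ts reason detail")


def scan_firewall_log(text):
    """Flag services.exe sending UDP to port 4000 (Peacomm P2P bootstrap)."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        proc = m["proc"].lower().rsplit("\\", 1)[-1]  # image name only
        if (m["proto"].lower() == "udp" and int(m["dport"]) == P2P_PORT
                and proc == "services.exe"):
            alerts.append(Alert(m["ts"], "services.exe -> UDP/4000", m["dst"]))
    return alerts


def scan_attachment_names(names):
    """Return the attachment names that match the lure filenames."""
    return [n for n in names if n.lower() in ATTACHMENT_NAMES]


if __name__ == "__main__":
    for a in scan_firewall_log(FIREWALL_LOG):
        print(f"{a.ts} {a.reason} peer={a.detail}")
    print(scan_attachment_names(["Full Story.exe", "notes.txt", "VIDEO.EXE"]))
```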

A conspiracy against me I tell you!!

SOOooooOOoO much drama in my house today...let me just tell you...

So as if my life doesn't need more drama...the postal office and the Trojan company are out to ruin my life...yes read that correctly...there is a conspiracy against me that is headed by the mail and some condoms...they seriously want to ruin my life..and this is why..


Soo for some reason Trojan decides to send me a free sample pack of some lube and two condoms...for reasons I will never know...apparently I won the raffle that I never entered...anyways...the post office of course decides that they have nothing better to do than deliver it to my house...because you know they are obliged to send whatever is addressed to me...well guess who gets the mail first...OHH it wasn't me...it was my mother...who already has the habit of reading and opening my mail for me anyways...so to her surprise she finds condoms and lube samples in the letter and has a Jihad all of her own...

she plays the 948272397 questions game with me first....then starts tearing apart the condoms and lube and throws it all away...saying that sex before marriage is a sin blah blah blah...condoms are the antichrist blah blah Sex is sin...blah blah blah...etc etc....

X__x

do you see why the post office and Trojan are against me?? it's so apparent....:D

if she ever finds out...*you know who isn't a you know what* then all hell will break loose again....a damn shame of some good samples too...

These Guys Should Be Shot On Sight
I have not been able to use my computer for a few days now because it got a virus (or 2 or 3). I think the people that do this kind of thing deserve to be shot on sight. I still have not been able to get rid of the thing - I keep getting an auto shutdown.
   
Long time no see!

I feel pretty bad for not blogging for so many days. I've been insanely stressed because of the pending move. After the Penske rental prices went up so drastically, my bf & I tried to look for another company that can offer a comparable price we were quoted by Penske a month ago. We finally found Budget, and made a reservation to move this Friday (today!!). But the rental location just called me 2 days ago and said they had no truck! I thought it so fucked up to give people such a short notice since I made the reservation almost 2 weeks ago. Since I rent an apartment in a high rise, I also have to schedule our move out in order to reserve the elevator. That really messed me up. I mean, what the hell is a reservation for if you're not guaranteed anything? So I had to reschedule everything and pay an extra day of rent because my building won't let me move out on the weekends or the holidays (labor day). So now, I'm set to move on the coming Tuesday. And god I hope there's gonna be a truck for me. Other than that, we've had to sell a lot of our larger furniture. The cheap stuff is going quickly, but the more expensive stuff, which also happen to be the largest items still have not been sold. On top of that, my right eye suddenly got really poofy when I woke up (like an eye infection almost), and I was totally freaked out. Since I feel so helpless and things seemed so out of my control, I coped by testing out at least 10-20 pieces of software in the past few days. I know this sounds kinda weird, but software is much more controllable than my life at this point. With the given options, they usually do what I tell them to do (the keyword is "usually"). So here's what I've messed around with:

  • JAlbum *FREE*
  • Ultra Edit
  • ExplorerPlus
  • xplorer²
  • PocoMail
  • The Bat
  • Incredimail
  • ACA Capture Pro
  • SnagIt
  • Total Uninstall
  • Encrypted FTP *FREE*
  • Ewido Security Suite
  • Master Converter
  • ACDSee
  • BlogJet
  • Kolorgenerator *FREE*
  • Top Style Pro
  • Free Download Manager *FREE*
  • Notepad+++ *FREE*
  • Visual Thesaurus
  • Acronis True Image
  • Rename Master *FREE*

There may be others I didn’t list because I probably erased them from my hard drive and I don’t remember their names cuz they sucked. I’m not gonna bother writing a review for each of them. First, because I’m lazy. Second, I may not have tested them thoroughly if I didn’t find them useful or interesting right after install. Third, I have not used them long enough to make a judgement (although some of them were revisits). The ones I would recommend to others or worth checking out are the colored ones on the list. All of them are pretty good software, but maybe not exceptional. The ones I highlighted I would definitely recommend to friends.

Oh, I just forgot to mention that other than my moving & health woes, I actually had an undetectable trojan released onto my computer when I was uninstalling Kaspersky. It was hiding so well from all the virus scans (Kaspersky, BitDefender, McAfee, Norton, and all the big anti-virus names you can think of), that I had no choice but to reformat my C drive and do it ALL OVER AGAIN! After everything was set and done, my computer functioned much better (it was getting quirky before). But when my bf ran Ewido on my computer when everything seemed fine, it found 200+ infected objects (such as worms, spyware, keyloggers, and trojans). Now that sounds very scary as I always have a good antivirus program, am behind a firewall, only use Firefox, and run Microsoft AntiSpyware, Spyware Blaster, & Spybot on my computer religiously. That made me extremely paranoid and made me wonder if a person who is as anal as me still has so much gunk on my computer, how much crap would there be on a normal person’s computer?

© 2005-2007 MindSay Interactive LLC