1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware if you downloaded

Discussion in 'BlackHat Lounge' started by HaRRo, Feb 28, 2010.

  1. HaRRo

    HaRRo Elite Member

    Joined:
    Oct 29, 2005
    Messages:
    2,676
    Likes Received:
    13,447
    Occupation:
    Self Employed
    Location:
    Miami, FL
    It has come to our attention that users are posting malicious downloads that may infact steal passwords and are using these passwords to post under other accounts

    There has been numerous amounts of users with high post counts posting these files which has led us to believe anyone who has downloaded these files are getting there passwords stolen so far i have seen fake SENUKE and SCRAPEBOX download urls.

    These if you have downloaded please run ANTIVIRUS immediately then come back and change your ALL YOUR passwords.


    IF YOU HAVE DOWNLOADED RECENTLY PLEASE MAKE SURE YOU CHECK THE FILES YOURSELVES AS THESE USERS ARE POSTING FAKE VIRUSTOTAL RESULTS.

    IF THE DOWNLOAD SEEMS TO GOOD TO BE TRUE DO NOT DOWNLOAD IT.

    I SUGGEST EVERYONE TO CHANGE PASSWORDS AND RUN AV SCANNERS ASAP. FOR YOUR OWN SAFETY ASWELL AS YOUR OHTER ACCOUNTS.

    Again we are doing everything to delete these asap. But from now do not trust fake virustotal results.


    Again we cant moderate everything. So be very aware.

    Thanks
    HaRRo


    P.S Any accounts that have been comprised we will work with you to re-enable them if they have been wrongly used. But not until you are 100% sure you are virus/trojan free.

    Thank you for the understanding.
     
    • Thanks Thanks x 43
  2. Knoxgates

    Knoxgates Supreme Member

    Joined:
    Aug 9, 2008
    Messages:
    1,266
    Likes Received:
    918
    Thanks for the heads up. I didn't downloaded anything since last 3-4 months.
     
  3. WizGizmo

    WizGizmo Super Moderator Staff Member Premium Member

    Joined:
    Mar 28, 2008
    Messages:
    3,844
    Likes Received:
    55,442
    Yes . . . Good move HaRRo.

    And to the members: When you change your passwords, it might be a good idea to use 15 to 20 mixed numerals and characters to make it more difficult to crack. However, that doesn't do any good until after your machine has been completely cleaned of whatever virus has been going around.
     
    Last edited: Mar 1, 2010
  4. Sanitarium

    Sanitarium Regular Member

    Joined:
    Sep 27, 2008
    Messages:
    312
    Likes Received:
    648
    Occupation:
    I guess making love to your eyes since you're read
    Location:
    In your mind.
    Too bad.

    Maybe time to make the Download section posts subject to an approval process? i.e they don't go live until reviewed. Is anything like that in the system? Possible? Waste of time?
     
  5. WizGizmo

    WizGizmo Super Moderator Staff Member Premium Member

    Joined:
    Mar 28, 2008
    Messages:
    3,844
    Likes Received:
    55,442
    It might be a good idea to check back with the established members who were banned to see if there was a pattern. If we could find a commonality as to what particular program they all downloaded, we could then pinpoint what particular application it was that started this crap.
     
  6. Theodore

    Theodore Power Member

    Joined:
    Oct 13, 2009
    Messages:
    679
    Likes Received:
    266
    Thanks harro,
    Also what might help is if you need to use passwords while you're running your antivirus, or just want to be extra cautious you can use an on screen keyboard that can easily be found in your start menu should stop them from seeing what you're typing.
     
  7. tygrus

    tygrus Supreme Member

    Joined:
    Mar 28, 2009
    Messages:
    1,237
    Likes Received:
    827
    Occupation:
    Engineer
    Location:
    Canada
    Scary stuff.. I guess there is no such thing as security on the internet.
     
  8. xinoanet

    xinoanet Regular Member

    Joined:
    Aug 8, 2009
    Messages:
    216
    Likes Received:
    30
    Location:
    Kitchener, Ontario
    god damnit! okay so I fell for the SENUKE thread, downloaded... looked at it and was like this is fishy... ran kaspersky and nothing...

    so i installed it and it froze my computer and it was using up my ram like mad... i am not sure if it installed completely because windows 7 said it failed to install, i am scanning my comp as we speak.
     
  9. blazen

    blazen Regular Member

    Joined:
    Mar 8, 2008
    Messages:
    471
    Likes Received:
    147
    It was probably using your pc for a botnet. The reason why your anitvirus didn't pick it up when you scanned it is probably because the software download itself technically is not malware, but as soon as you install it, it creates or put malware on your computer.
     
  10. nodoubtgq79

    nodoubtgq79 Junior Member

    Joined:
    Jul 12, 2008
    Messages:
    168
    Likes Received:
    163
    if you want an online scanner

    try mcafee

    you can run the online scanner while you're doing something

    needs to run on IE

    Code:
    http://home.mcafee.com/Downloads/FreeScanDownload.aspx
    here are more

    Code:
    http://www.bitdefender.com/scanner/online/free.html
    Code:
    http://security.symantec.com/sscv6/WelcomePage.asp
    Code:
    http://www.eset.com/onlinescan/
     
    • Thanks Thanks x 1
    Last edited: Mar 1, 2010
  11. Albert

    Albert Regular Member

    Joined:
    Apr 15, 2009
    Messages:
    488
    Likes Received:
    82
    Location:
    BHW
    I am surprised people would even look for cracks for softwares like ScrapeBox. It should be way more than $57, yet the creator loves the BHW too much to make it as expensive as other software applications. Are people really that desperate?
     
    • Thanks Thanks x 1
  12. Hyperion

    Hyperion Regular Member

    Joined:
    Apr 21, 2009
    Messages:
    307
    Likes Received:
    59
    Location:
    Treasure Island
    From what I hear/understand all the passwords were phised and not cracked so a 15-20 character length password isn't going to help you in my opinion.
     
  13. hawke

    hawke Power Member

    Joined:
    Nov 14, 2008
    Messages:
    644
    Likes Received:
    533
    Location:
    Ohio
    Run untrusted files in some type of VM environment, that will help too....
     
  14. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    So I now made a full system scan with avira antivir free and found 2 downloads I didnt opened before that both contains

    TR/FakeAV.ABC

    The files are:

    SENuke.V.5.55.Full.Crack.45222.exe
    and
    SENuke.V.5.55.Full.Keygen.45222.exe

    Are these the Trojans that are used?

    The bad thing with warez is you never know if a antiviralert is because a trojan or because of the patch/crack...
     
  15. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    Is it possible to test warez without installing a whole new os?
     
  16. nodoubtgq79

    nodoubtgq79 Junior Member

    Joined:
    Jul 12, 2008
    Messages:
    168
    Likes Received:
    163
    you can download the software on 1 computer..remove keygen

    use another computer to run keygen and get your code and you're done

    or you can run keygen on it then remove it when you're done with it

    key gen always shows up as a trojan

    never had a problem because of it...but you never know!
     
  17. SebastianJu

    SebastianJu Power Member

    Joined:
    Mar 27, 2008
    Messages:
    679
    Likes Received:
    130
    @Harro

    So I thought the hacked account owners will be contacted and the things cleared out? Because of that I thought I can wait for the things that will happen but it seems it doesnt happen.
    So sycthos (the creator of statblaster) wrote me now this.

    Code:
    (23:30:01) sycthos: You said that you haven't heard from me on the StatBlaster thread in the Lounge. Well, there isn't much I have to say now. I'm having a very difficult time contacting any moderator. IRC seems to be a dead end since I haven't seen a moderator there who does not appear to be idle. I've IM'd WiredMom but she did not respond. I'm trying to IM more moderators now.
    So is something done here?
     
  18. Jonnyh431_

    Jonnyh431_ Newbie

    Joined:
    Dec 6, 2009
    Messages:
    16
    Likes Received:
    14
    I was a victim of this a while ago, still haven't got my jonnyh431 account back lol
     
  19. Bestbuyfoam

    Bestbuyfoam Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 14, 2009
    Messages:
    1,637
    Likes Received:
    536
    Thanks for the heads up...

    Have a blessed one...
     
  20. OnlineGodfather

    OnlineGodfather Senior Member

    Joined:
    Mar 3, 2010
    Messages:
    1,116
    Likes Received:
    406
    Occupation:
    Interwebs
    Location:
    Russia
    That really sucks, I'll defineatly watchout from now on.