
Malware + Free and "nulled" Downloads

Discussion in 'BlackHat Lounge' started by gbmack, Jul 24, 2009.

  1. gbmack

    gbmack Power Member

    Joined:
    Apr 19, 2009
    Messages:
    705
    Likes Received:
    686
    Just a warning.

    Rarely are things free in life, and if they are, there is usually a catch.

    If you've downloaded a crack or keygen or anything, from BHW or the net, consider yourself at risk.

    Even if you scanned it with virustotal and it came up 0/38, or you "think" you have the best antivirus software, don't go to sleep sound tonight.

    My friend frequents hacker forums and he talks about how people create and sell viruses/keyloggers/spyware on the black market, completely elusive and undetected from virustotal or any antivirus software.

    They're just like us. We try to elude CPA and Google banhammers, they avoid antivirus blacklists. We market with incentives, they do the same.

    How do you get this malware? "nulled" downloads, keygens, cracks, torrents, etc.

    And the incentive? -- it's free.

    Sure, the cracks work, but that's exactly how more people will download it.


    I'm NOT saying all keygens/nulls/cracks are infected, but a good number of them are. Just ask yourself, would you do all that work, and simply give it away to the public for free? You could wait until the day all your details to your accounts get changed, or change them now, do a reformat of Windows, change your accounts' details, and never, ever download torrents, keygens, cracks, nulled software, etc.

    Besides, it's the motto of BHW to "take action."

    That's some food for thought.
     
    • Thanks x 1
  2. heiny

    heiny Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    227
    Likes Received:
    103
    That's why you get it from Scene people and not BTT n00bs
     
  3. onetoo3com

    onetoo3com Registered Member

    Joined:
    Mar 25, 2009
    Messages:
    92
    Likes Received:
    49
    They are sound words, gbmack. Just think for a second what some of those guys can do, all undetected. Frightening!!
     
  4. jimbobo2779

    jimbobo2779 Jr. VIP Premium Member

    Joined:
    Sep 17, 2008
    Messages:
    3,245
    Likes Received:
    2,397
    Occupation:
    Software Engineer
    Location:
    UK
    Yup but to be honest a firewall will stop pretty much any useful attack, that I could think of anyway, which wouldn't be undetectable.....

    Or can you get an outside connection without the firewall popping up? It only takes a couple of people to spot something funny going on for the file to get listed in AV apps as a virus.

    Again, I could be completely wrong in this lol, I'm hardly a virus expert.
     
  5. oxonbeef

    oxonbeef BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    Sorry to tell you, but you're wrong: a malware controller will rename their bot, RAT, trojan or whatever they're using to explorer.exe, synchost.exe or something like that. They're Windows processes that your firewall is configured to allow. The malware connects from your PC out, not in, so your firewall will allow that traffic. AVs are useless against the serious hacker, and I'm not talking about script kiddies that buy ready-made trojaning kits off hacking forums. The best way to protect your PC is to use something like "all seeing eye" by Fortego security. It is not an AV, but it tells you everything that is going on in your PC, far more than your task manager, so if you install new software you have to allow each registry change before it is made.

    It never ceases to amaze me the amount of people who use computers and haven't got a clue what's going on in them. How many people understand all the tasks that are being used in their task manager? How would they know what's supposed to be running and what's not?

    The only way to beat the hacker is to learn how to hack, otherwise you'll never know what they are capable of. I see people talking about viruses all the time and they can't even tell a virus from a keylogger from a trojan from a bot. What chance do they stand against drive-by exploits? There are plenty of people talking about cookie stuffing on here. Do they realise it's just as simple to be infected by a browser exploit using the same technology?

    If you're going to play in the jungle, learn the ways of the animals; that way you won't get eaten alive.
     
    • Thanks x 2
  6. keinehabe

    keinehabe Supreme Member

    Joined:
    Nov 4, 2008
    Messages:
    1,207
    Likes Received:
    472
    Gender:
    Male
    Occupation:
    -= CEO =-
    Location:
    Heaven
    well :) first of all, that must be a lesson learned by all those who prefer to use "shortcuts". The idea is as simple as that: since some people are too lazy to pay a few bucks for a software/script, and they think they can use it for free, of course I think they deserve to pay in some way for the "effort", you know what I mean. And yes, I can say with a pretty big guarantee that there are ways to "hide" such stuff. More important, most of these people don't even know how to protect their computers. I saw even Windows OS cracked and backdoored :) Even a day ago one guy from my ymsg list downloaded an anti-virus from a torrent site LOL ... :) Honestly folks, you deserve to have your computers used by people who hunt stupid people like that. Sorry to say that, but ... that's the damn truth :)
     
  7. Bacanze

    Bacanze Junior Member

    Joined:
    Nov 12, 2008
    Messages:
    150
    Likes Received:
    49
    Occupation:
    Uni student
    Location:
    UK
    Agreed, making malware undetectable isn't too difficult, and VirusTotal is quite useless as it doesn't scan at runtime. I'd elaborate a little more, but gtg.
     
  8. Doom101

    Doom101 Junior Member

    Joined:
    Jun 19, 2009
    Messages:
    179
    Likes Received:
    49
    That's why you install all these 'apps' on a virtual machine, separate from your real machine where you keep all your important data.
     
  9. The Scarlet Pimp

    The Scarlet Pimp Jr. VIP Premium Member

    Joined:
    Apr 2, 2008
    Messages:
    788
    Likes Received:
    3,129
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    Several years ago an Aussie hacker ("Munga Bunga") gave away the password-cracking script "Brute Force", which was later revealed to contain a trojan. Big surprise there...

    Some people just like to bootleg software, while others have ulterior motives. If you run Win then you should always be wary of any free software.

    Like this one...
    http://en.wikipedia.org/wiki/SpySheriff
     
  10. Grizzy

    Grizzy Senior Member

    Joined:
    Nov 11, 2008
    Messages:
    919
    Likes Received:
    999
    windows virtual boxed on linux distro + common sense = not much to worry about
     
  11. onetoo3com

    onetoo3com Registered Member

    Joined:
    Mar 25, 2009
    Messages:
    92
    Likes Received:
    49
    Do you know? This thread could be huge, and I mean huge. I thank you all for bringing this up to our eyes and in point blank proof.
    Thanks guys, maybe you could tell us more about what's going on in our Task Manager first, it could help many people. Thanks given
     
  12. onetoo3com

    onetoo3com Registered Member

    Joined:
    Mar 25, 2009
    Messages:
    92
    Likes Received:
    49
    I think the title of the thread may be putting people off. Looks like "you can get malware for free!" and not in BOLD
     
  13. jammie

    jammie Jr. VIP Premium Member

    Joined:
    Feb 24, 2008
    Messages:
    773
    Likes Received:
    453
    BTW, if they rename their process as "explorer.exe" or w/e, it has a different checksum, thus it's not the same as the one you're running so it'll block it.

    Most people who do cracks etc. do it for fun and aren't doing it like this. I used to crack basic programs and I know how they work.

    If they were *so* bothered about infecting people, why would 99% of keygens typically be "infected"? All you have to do is change the file header and do some quick maths and it'll come up as clean on 99.9% of things.

    They don't do it because their stuff works, they're doing it for fun and they have no incentive to hide how their programs work.

    And to those who say "look in task manager" or even the better ones, it's easy enough to hide from those. If I created a program that was run hooked on the kernel, you wouldn't see it. Fortunately you need a driver to do this so there are always telltale signs.

    Please don't talk crap when you have no idea what you're talking about.
     
    • Thanks x 1
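
Added example, not part of any post in this thread: a defender-side audit that combines the two checks raised in posts 5 and 13, a process borrowing a Windows process name and its checksum differing from the genuine file, and also flags near-miss names such as synchost.exe. The baseline table, paths, file contents and the 0.8 similarity threshold are assumptions constructed for illustration; hashes are computed from the constructed bytes at run time.

```python
import hashlib
from difflib import SequenceMatcher
from pathlib import PureWindowsPath

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for file contents; a real audit hashes the image on disk.
GOOD_EXPLORER = b"constructed: genuine explorer.exe image"
GOOD_SVCHOST = b"constructed: genuine svchost.exe image"
UNKNOWN_IMAGE = b"constructed: some other program under a borrowed name"

# Assumed baseline: trusted process name -> (expected directory, expected hash).
BASELINE = {
    "explorer.exe": (r"c:\windows", sha256(GOOD_EXPLORER)),
    "svchost.exe": (r"c:\windows\system32", sha256(GOOD_SVCHOST)),
}

def check_process(image_path: str, image_bytes: bytes) -> list:
    """Return the reasons an image looks like a masquerade (empty list = ok)."""
    path = PureWindowsPath(image_path.lower())
    name, folder = path.name, str(path.parent)
    findings = []
    if name in BASELINE:
        expected_dir, expected_hash = BASELINE[name]
        if folder != expected_dir:
            findings.append("trusted name, unexpected directory")
        if sha256(image_bytes) != expected_hash:
            findings.append("trusted name, hash mismatch")
        return findings
    # Near-miss names (one or two characters off) imitate a trusted process.
    for trusted in BASELINE:
        if SequenceMatcher(None, name, trusted).ratio() >= 0.8:
            findings.append("lookalike of " + trusted)
    return findings

# Constructed process snapshot: (image path, image contents).
SNAPSHOT = [
    (r"C:\Windows\explorer.exe", GOOD_EXPLORER),
    (r"C:\Users\demo\AppData\Roaming\explorer.exe", UNKNOWN_IMAGE),
    (r"C:\Windows\System32\svchost.exe", UNKNOWN_IMAGE),
    (r"C:\Windows\System32\synchost.exe", UNKNOWN_IMAGE),
]

def audit(snapshot):
    return {path: check_process(path, data) for path, data in snapshot}
```

On a live system the hash baseline goes stale with every Windows update, so the path and lookalike checks are the durable part and the hash check is usually replaced by signature verification.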