Safety Chicken wonders about the dodgy rubbish you can pick up on p2p networks

[hirez]

Entirely unsurprising goings-on concerning the eDonkey network: http://blogs.securiteam.com/index.php/archives/801

(In short, bogus swerver responds to legit (FAVO) query, so instead of happy pr0n or cc-licenced mp3 or whatever, you get virus/trojan-encrusted nastiness. Best not do that.)

Comments

[figg.livejournal.com]

I find google/rapidshare more reliable for finding mp3s than p2p networks.

[It seems there is a plethora of bloggers who upload albums. )

[eljaydaly.livejournal.com]

I miss the ancient days when the internet was still underground and cool and you had to learn at least a little bit even to even know how to get there or what to do when you arrived. All this new and glitzy mass-market pickpocketry is just so depressingly mainstream. I feel so aged.

[aoakley.livejournal.com]

One of the best attack vectors I heard was a completely uninfected video file, which required a rare codec, and when you installed said codec... trojan! You've got to credit the malware writers for that bit of ingenuity.

[hirez.livejournal.com]

Hm. Yes. Quite.

[quercus.livejournal.com]

Errrr..... That one is trivial (skiddie-capable) and has been around for years.

A "codec" doesn't need to be a codec, it can just be any piece of dodgy COM that implements a trivial COM interface, does its nefarious work and then hands off to a real codec that was probably there all along. Any monkey can write one, even in VB. The give-away is usually a piece of video that insists on re-downloading the same magic new codec every time.