
Solve : Virut on the rise?


by any chance evil fantasy is it possible to contract the virus by going to IRC channel?

Possibly. If you visit a page which injects code through your browser then it's completely possible.

See here: Under the Hood: Virut. I love the first line. "Virut is a weird freak amongst malware."

Oh and an update from the first post. This new version is also infecting every mp3, doc, dll and on and on...

should No script stop that?

That would be a good start as far as the browser is concerned.

Quote from: evilfantasy on February 21, 2009, 07:59:40 PM

"Virut is a weird freak amongst malware."

That actually isn't 100% true- there have been a few file infecting viruses with IRC and networking capabilities built in- in fact the author of a book studying viruses and how they work had one as an example.

Interestingly enough, he submitted all his virus code to anti-malware authors/companies, in the hopes that they would add his virus signatures to prevent anybody doing anything malicious with them- it took most vendors over a year after publication before the AVs were catching them.

Obviously none have been as widespread.

The explosion of p2p use has a lot to do with how rapid and widespread viruses are now. People and antivirus vendors caught on to email/chat attachments pretty fast so many are able to avoid the malware spread through such means. With p2p all it takes is uploading the latest cracked version of a hot game, movie or CD to a single host site and it takes off like wildfire throughout the rest of the torrent sites and ultimately to the user.

IM is the new horizon for infections.

Quote from: patio on February 21, 2009, 11:52:51 PM
IM is the new horizon for infections.

which brings up an interesting story.

yesterday somebody added me to MSN, so I figured, alright, I'll give them a chance.

Immediately they sign in and ask for "help with VB" or something, and attach a zip.

So I transfer it, unzip it... and it's an EXE file.

they claimed it was their visual basic program. Can't remember exactly what they said was "wrong" with it, but I found a few things interesting when I opened the file with dependency viewer.

In that it wasn't dependent on any vb runtime. This was a very strange VB program indeed! Additionally, viewing the resources revealed some untyped data that looked to be some sort of executable (in that it started with MZ.)

but I decided to play along with them (I didn't run the program, I'm just messing with them. great fun)...


Them:"Did you open it?"

Me:"Yeah. It just opened a command window, and then closed."

Me:"hmm. looks like I got infected somehow."

Them:"PWNED"

Me:"how?"

Them:"It was my trojan >"

Me:"Oh, it's a good thing I didn't run it then. I kind of figured out it wasn't a VB program like you claimed."

Them:"I'm kidding I really need help with C++. Can you run it and check for me"

Me:F---- off.


(deletes contact)


So, all in all, I got some entertainment for a few minutes anyway.

Quote from: BC_Programmer on February 22, 2009, 09:29:05 AM
Quote from: patio on February 21, 2009, 11:52:51 PM
IM is the new horizon for infections.

which brings up an interesting story.

yesterday somebody added me to MSN, so I figured, alright, I'll give them a chance.

Immediately they sign in and ask for "help with VB" or something, and attach a zip.

So I transfer it, unzip it... and it's an EXE file.

they claimed it was their visual basic program. Can't remember exactly what they said was "wrong" with it, but I found a few things interesting when I opened the file with dependency viewer.

In that it wasn't dependent on any vb runtime. This was a very strange VB program indeed! Additionally, viewing the resources revealed some untyped data that looked to be some sort of executable (in that it started with MZ.)

but I decided to play along with them (I didn't run the program, I'm just messing with them. great fun)...
<Names are changed to protect the innocent>

Them:"Did you open it?"

Me:"Yeah. It just opened a command window, and then closed."

Me:"hmm. looks like I got infected somehow."

Them:"PWNED"

Me:"how?"

Them:"It was my trojan >"

Me:"Oh, it's a good thing I didn't run it then. I kind of figured out it wasn't a VB program like you claimed."

Them:"I'm kidding I really need help with C++. Can you run it and check for me"

Me:F---- off.


(deletes contact)


So, all in all, I got some entertainment for a few minutes anyway.

Lol nice I wish that kind of stuff would happen to me.

How do i get a copy of this so called virut?

Just want to test one out on my virtual pc.
See if i can stop it.

Quote from: kizza1645 on February 25, 2009, 02:05:19 AM
How do i get a copy of this so called virut?

Just want to test one out on my virtual pc.
See if i can stop it.




see if you can stop it. yeah using your "hacker skills" which probably pretty much end at being able to show hidden files/folders.

How would you stop it? There is no feasible attack vector to stop it.

If EvilFantasy says a reformat/reinstall is required- you're wasting your time.

Quote from: BC_Programmer on February 25, 2009, 03:06:48 AM
Quote from: kizza1645 on February 25, 2009, 02:05:19 AM
How do i get a copy of this so called virut?

Just want to test one out on my virtual pc.
See if i can stop it.




see if you can stop it. yeah using your "hacker skills" which probably pretty much end at being able to show hidden files/folders.

How would you stop it? There is no feasible attack vector to stop it.

If EvilFantasy says a reformat/reinstall is required- you're wasting your time.

well i at least want to watch what happens.....

Quote from: kizza1645 on February 25, 2009, 11:51:52 PM

well i at least want to watch what happens.....

See here: Under the Hood: Virut.
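
The static checks BC_Programmer describes earlier in the thread (no VB runtime dependency, and data starting with MZ among the resources) can be scripted without running the file. This is an added example, not code from any poster: it searches the raw bytes for the classic VB runtime DLL names and for embedded PE headers instead of parsing the import table or resource section, and the sample files are constructed stand-ins.

```python
import struct

VB_RUNTIMES = (b"msvbvm60.dll", b"msvbvm50.dll")  # classic VB5/VB6 runtime DLLs

def is_pe_at(data, off):
    """True if a DOS 'MZ' header at `off` points to a 'PE\\0\\0' signature."""
    if data[off:off + 2] != b"MZ" or off + 0x40 > len(data):
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, off + 0x3C)
    pe = off + e_lfanew
    return data[pe:pe + 4] == b"PE\0\0"

def embedded_executables(data):
    """Offsets (> 0) at which another PE image starts inside the file."""
    hits, pos = [], data.find(b"MZ", 1)
    while pos != -1:
        if is_pe_at(data, pos):   # bare 'MZ' bytes are common; require the PE signature
            hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def triage(data):
    """Heuristic static triage; never executes the sample."""
    lower = data.lower()
    return {
        "is_pe": is_pe_at(data, 0),
        "mentions_vb_runtime": any(name in lower for name in VB_RUNTIMES),
        "embedded_pe_offsets": embedded_executables(data),
    }

def fake_pe(body=b""):
    """Constructed stand-in: 64-byte DOS header, e_lfanew=0x40, PE signature, body."""
    hdr = bytearray(0x40)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    return bytes(hdr) + b"PE\0\0" + body

# Constructed samples (not real malware): a "VB program" with no VB runtime
# reference and a second executable inside, and one that names the VB6 runtime.
claimed_vb = fake_pe(b"KERNEL32.dll\0" + b"\x00" * 32 + fake_pe(b"payload"))
real_vb = fake_pe(b"MSVBVM60.DLL\0" + b"\x00" * 32)

if __name__ == "__main__":
    for name, blob in (("claimed_vb", claimed_vb), ("real_vb", real_vb)):
        print(name, triage(blob))
```

A missing runtime name or an embedded image is a reason for suspicion rather than proof, since installers and packers legitimately carry executables inside executables.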

