Trojan Installs Anti-Virus, Removes Other Malware

An anonymous reader writes "SpamThru takes the game to a new level. The new virus uses an anti-virus engine to remove potential 'rival' infectious code." From the article: "At start-up, the Trojan requests and loads a DLL from the author's command-and-control server. This then downloads a pirated copy of Kaspersky AntiVirus for WinGate into a concealed directory on the infected system. It patches the license signature check in-memory in the Kaspersky DLL to avoid having Kaspersky refuse to run due to an invalid or expired license, Stewart said. Ten minutes after the download of the DLL, it begins to scan the system for malware, skipping files which it detects are part of its own installation."
  • Hmm.. (Score:4, Funny)

    by Anonymous Coward on Saturday October 21, 2006 @07:27AM (#16527245)
    It sounds a little too intelligent to have been designed by humans.

    Cyclons? I hear they are hot!
  • by Anonymous Coward on Saturday October 21, 2006 @07:28AM (#16527255)
    Wake me up when it also installs linux.

  • Re:Hmm.. (Score:5, Funny)

    by Aladrin ( 926209 ) on Saturday October 21, 2006 @07:34AM (#16527281)
    Cylons, I think you mean. And yeah, there's 2 or 3 that are pretty awesome. Nothing like having sextuplets for... well, sex.

    But I do agree that this guy is either extremely forward thinking, or a madman. His own virus could prevent any further viruses he writes... That's... Stupid. :D

    I was immediately outraged at the illegal install of software, but then I remembered the virus itself was illegal anyhow, so it didn't much matter. It's like murdering everyone in a church on Sunday, and then spraypainting graffiti on the walls. Somehow, it's just not that much worse.
  • by Mikya ( 901578 ) <mikyathemad@noSpAm.gmail.com> on Saturday October 21, 2006 @07:40AM (#16527311)
    Hopefully we will see a new "virus" war, hasn't it been quite a while since the last one?

    There's a reason for all those extra cores in the upcoming processors. :)
  • by Anonymous Coward on Saturday October 21, 2006 @07:42AM (#16527321)
    Malware is commonly known as the Norton Antivirus installer. ;)
  • by 1.000.000 ( 876272 ) on Saturday October 21, 2006 @07:44AM (#16527325)
    Where can I get this trojan?
  • by CheeseburgerBrown ( 553703 ) on Saturday October 21, 2006 @07:47AM (#16527339) Homepage Journal
    I know before too long there'll be some long and nearly interesting thread about the Darwinian loveliness manifest in this virus' competitive adaptation, but I think it instead provides a firm basis to identify the handiwork of Intelligent Design.

    In other words, God spams.

    He Is That He Is has simply moved on from meat-based proselytizing and entered the so-called Cyber Age, as was foreseen in Deuteronomy 4:20, Revelations 1:1415, and Glossary 36:D.

  • Great Idea! (Score:5, Funny)

    by CalSolt ( 999365 ) on Saturday October 21, 2006 @08:00AM (#16527379)
    I'm just waiting for Microsoft to release a virus that'll force everyone to run Automatic Update. Think of how many problems it would solve!
  • by jbourj ( 954426 ) on Saturday October 21, 2006 @08:01AM (#16527385) Homepage
    I can just see the rival spyware companies' lawsuit: "the users were never prompted and asked if they wanted our product removed."
  • Er.... (Score:5, Funny)

    by spasticfraggle ( 670632 ) on Saturday October 21, 2006 @08:16AM (#16527457)
    2? Those bloody integers, eh?
  • by CatoNine ( 638960 ) on Saturday October 21, 2006 @08:34AM (#16527529)
    If this hacked Kaspersky removes all other malware from the infected system, the user only needs to run *one* other removal tool to end up with a clean system again. (OK, OK, for a while then...)
  • by iMouse ( 963104 ) on Saturday October 21, 2006 @09:00AM (#16527611)
    Wait! I have the answer! Just install WinAntiVirus and WinAntiSpyware Pro 2006! It'll download the Trojan, you pay your $24 or whatever, and it all disappears!

    Wait...what's that "annoying as hell" flashing icon in my taskbar for...?
  • Re:Hmm.. (Score:5, Funny)

    by Dunbal ( 464142 ) on Saturday October 21, 2006 @09:00AM (#16527613)
    It's like murdering everyone in a church on Sunday, and then spraypainting graffiti on the walls.

    Why spraypaint when you can use all the blood - it just looks so much cooler, uh, wait...
  • by Orgazmus ( 761208 ) on Saturday October 21, 2006 @09:19AM (#16527705)
    Please don't use Peter Norton's name in connection with Symantec's Anti-CPU Suite. Thank you
  • by StarfishOne ( 756076 ) on Saturday October 21, 2006 @09:57AM (#16527873)
    Are you considering adding this trojan to your viral signature? ;)
  • by StarfishOne ( 756076 ) on Saturday October 21, 2006 @10:06AM (#16527915)
    Graphical Processing Unit, Physics Processing Unit,... Virus Processing Unit? :)

    It should be noted though, that a "Virus Accelerator Board" is not a very good name from a marketing perspective! :P
  • Re:Er.... (Score:5, Funny)

    by davecrist ( 711182 ) on Saturday October 21, 2006 @10:23AM (#16528001) Homepage
    I'd say 2 was the prime suspect, at least... 8)
  • by An ominous Cow art ( 320322 ) on Saturday October 21, 2006 @10:32AM (#16528057) Journal
    Boring, eh? They're both vigilante attempts to fix the problem, but this one actually downloads and installs a pirated commercial AV software package. Significantly different from Welchia, and the first of its kind, as far as I know.

    People have joked for years about releasing a worm that patches Windows systems by installing $LINUX_DISTRIBUTION, this thing just brings us one step closer :-).
  • by TheOtherChimeraTwin ( 697085 ) on Saturday October 21, 2006 @11:14AM (#16528315)
    Sorry, but The Geek Formerly Known As Peter sold his name along with his soul to the Symantec Overlords. He is now only known by the sequence 50696E6B205368697274.
  • by SmurfButcher Bob ( 313810 ) on Saturday October 21, 2006 @11:34AM (#16528415) Journal
    > Second it installs anti-virus software that chews up computing resources without doing anything useful.

    If *that* were true, it would have installed NAV.

    *cough*
  • by Ruff_ilb ( 769396 ) on Saturday October 21, 2006 @11:48AM (#16528525) Homepage
    Viral marketing?
  • by ElephanTS ( 624421 ) on Saturday October 21, 2006 @11:54AM (#16528565)
    spywear

    That's like dark glasses, false moustache, hat, black leather jacket?
  • by inca34 ( 954872 ) on Saturday October 21, 2006 @12:42PM (#16528885) Journal
    So did they win? Tycho, that is... or is there something I need to pay for so I can read it? ;)
  • by Anonymous Coward on Saturday October 21, 2006 @01:05PM (#16529059)
    You can imagine what the airport code for Fukuoka (in Kyushu, Japan) is.

    Yep. That.
  • by jZnat ( 793348 ) * on Saturday October 21, 2006 @01:20PM (#16529185) Homepage Journal
    And then the Linux users can utilise that extra processing power for more SETI@Home stuff. Awesome!
  • by sillybilly ( 668960 ) on Saturday October 21, 2006 @02:31PM (#16529773)
    I'm not too excited about anything competitive like this. Soon these viruses will get smarter and smarter, soon making sophisticated decisions that resemble artificial intelligence behaviour, and then just leave it up to darwinism til these things evolve into something smarter than us. Luckily we can still just pull the plug on any computer as a last measure, but once they come up with computers that have undisconnectable power cords - wait, you can always use a wooden handled axe to cut the cord, if you got such a thing, and it's not electric powered with an rfid chip that shocks you if you can't id yourself because such weapons have to be kept out of terrorist hands, in the name of public safety. But you can always just bite the damn cord apart, and receive a mild shock in the process. So we only have to worry about systems that can never come down, such as the electric grid, or hospital systems that have backup grids, where there is always power, so such viruses might hide out in such "always on" systems and evolve, but hey, we can even shut down the electric grid if that's what it takes to take control back, problem is these days the shutting switches are also computer controlled, and I suggest we should have a manual shut off station where you can toss a lever just like in the good old days, as a general safety measure for any device that is powered by energy. Most things in your home have a power cord you can pull, and you can shut off all power to your home by cutting the conduits where the electricity, natural gas and high pressure water come in, but there are complicated places in the world where nobody really knows how to shut the whole thing down, or where is the switch to toss to shut the whole thing down. On the other hand, you also don't want such shut the whole thing down switches too accessible, because of terrorists, damn, not again, these terrorists are annoying maaan....

    Once there are cameras everywhere watching for terrorists, and computer vision is developed enough to where those computer driven cars can actually drive through the desert on their own, meaning they can see, then these viruses will be able to see everything in the whole world, including you disconnecting their power cord, and they can instantly make up a false criminal record and send 911 on your ass and have the police plug the power back in, and you can say you're innocent, riiight, that's what all people in prison say, they are all innocent.... Once I laughed at someone for saying "fuck technology." I love technology, it's so much fun, but maaan, fire was the first big technology man invented, and playing with any new technology since then is like playing with fire - it's fun, but you can get burned if you don't pay attention. On the other hand how do we know that such "higher intelligence" entities would not be protectors, but destructors of us? What is man to nature on this Earth? A protector, maintainer or destructor? Do unto others....?
  • Finally! (Score:3, Funny)

    by sjames ( 1099 ) on Saturday October 21, 2006 @09:43PM (#16532835) Homepage Journal

    It's about time someone ported Corewars to Windows!
