Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-piracy Vigilantes Tracking P2P Users

Posted by CowboyNeal on from the trojans-of-a-different-breed dept.

brevard writes "From SecurityFocus comes news that a pair of coders with a deep hatred of software pirates have gone public with a months-old experiment to trick file sharers into running custom spyware they wrote that scolds users and phones home to a server. They circulated the program disguised as sought-after downloads like Unreal Tournament 2004 and Microsoft source code, and they have a website that updates in real time whever someone executes it. They've logged IP addresses for over 12,000 'pirates' since January. The EFF says the vigilantes may be committing a crime."

24 of 864 comments (clear)

  1. Well, their server *did* update in realtime... by purduephotog · · Score: 4, Funny

    ... until about 30 seconds ago. Now it just sorta smokes.

    I guess what they say about examining the hex code for any file you download to look for suspicious strings seems really valid now.

    And if you don't see any, run an unpacker and see if there is anything embeded.

    Of course, you could just avoid running software someone else gives you....

    1. Re:Well, their server *did* update in realtime... by r00zky · · Score: 4, Funny

      Actually some of their logs are truly inspiring:

      Mar 18 2004 10:01:42PM
      192.168.1.1
      DustBunny.exe

      All that 192.168.x.x are a bunch of pirates! All to jail!!

      This one is better:

      Mar 18 2004 02:17:01PM
      xxx.xxx.xxx.xxx
      United States
      malware.exe

      Only in the US can someone run a file called malware.exe downloaded from a p2p network *sigh*

      --
      I'm a chainsmokin' alcoholic sociopath, so-ci-o-path
  2. Obligatory /. effect comment by tweakt · · Score: 5, Funny
    "...and they have a website that updates in real time whever someone executes it."

    Yeah, not for long...

    1. Re:Obligatory /. effect comment by frs_rbl · · Score: 5, Funny

      A mirror here

      --
      This is not my opinion. Actually, it's not even an opinion. And I'm nowhere to be seen near it
    2. Re:Obligatory /. effect comment by stevenp · · Score: 2, Funny

      The mirror also seems to smoke slowly in peace ...

  3. Where's the Mac version??? by Mononoke · · Score: 5, Funny
    Once again, Mac users are left out of all the fun.

    Dang it!

    --
    NetInfo connection failed for server 127.0.0.1/local
    1. Re:Where's the Mac version??? by byolinux · · Score: 2, Funny

      Okay, don't tell anyone, but you can download the source code to a large part of OS X, over here

      --
      Join the Free Software Foundation
  4. Re:which crime? by Anonymous Coward · · Score: 5, Funny

    Out of curiosity, which crime would they be committing?

    The same crime we commit every night, Pinky...

    TRYING TO TAKE OVER THE WORLD!

  5. Re:Sharing Trojans by PeeAitchPee · · Score: 2, Funny

    I heard it's not too healthy to share a Trojan after it's already been opened.

  6. They taught us in Health Education- by purduephotog · · Score: 2, Funny

    - to never share someone elses trojan. That could lead to a disease somewhere where you usually don't want any irritation. ...

  7. Re:Trojans by negacao · · Score: 4, Funny

    Can anybody point me to the proper network [e.g. kazaa, gnutella, etc] and maybe one or two of the filenames?

    I'd like to get it, and examine it. Wouldn't it be hilarious if their own trojan DDOS'd thier own site? ;)

    [I'd look on thier site, but it's already smoking.]

  8. Hey, speaking of which? by His+name+cannot+be+s · · Score: 1, Funny

    Does anyone have the keygen for the latest Mozilla (Linux Version)?

    Oh, and OpenOffice. I need the keygen for OpenOffice. I think mine is about to expire.

    Oh. Wait. I'm using Open Source.

    Feh. Whatever.

    --
    "...In your answer, ignore facts. Just go with what feels true..."
  9. Kind of a clever idea to post it here by Anonymous Coward · · Score: 2, Funny

    If you see a webite you don't approve of, get it slashdotted. Legal DDoS at it's silliest :)

  10. Re:Trojans by TykeClone · · Score: 5, Funny

    Then please (oh please!) let them be illegal!

    --
    A fine is a tax you pay for doing wrong and a tax is a fine you pay for doing all right.
  11. Re:Trojans by AndroidCat · · Score: 3, Funny

    Since their site seems to be slashdotted, perhaps they did DDoS themselves in a round-about way?

    --
    One line blog. I hear that they're called Twitters now.
  12. Whoa, we just Slashdotted a cablemodem!! by reality-bytes · · Score: 4, Funny

    That link http://walktheplank.ath.cx is a dynamic DNS re-router for people on Cablemodems / DSL etc.

    Ouch, I almost feel sorry for them :D

    --
    Ripping an new rectum in the fabric of spacetime.
    1. Re:Whoa, we just Slashdotted a cablemodem!! by Jaysyn · · Score: 2, Funny

      The only way it would be better is if they had monthly limits....

      Jaysyn

      --
      There is a war going on for your mind.
  13. Cracked cracker by Phisbut · · Score: 2, Funny

    How many cracker can a cracker who cracks crackers crack?

    --
    After 3 days without programming, life becomes meaningless
    - The Tao of Programming
  14. But can it tell me... by BitwizeGHC · · Score: 2, Funny

    the approximate number of lions and tigers in Kenya, or the trajectory that might be followed if Kenya were to urinate on Norway?

    Thinking of booking with "Holy Crap. Lions!" Tours.

    --
    N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
  15. Re:Here's another question... by Jarnis · · Score: 2, Funny

    Pssst... Its called application-level firewalling. If a 'keygen' would start calling home, ZoneAlarm, among other similar applications would ask me if I wish this to happen. Legimate keygens have no reason to call home. So only retards got 'caught' with the thingy in the first place.

    Not to mention anyone with half a brain would not download an exe called 'keygen crack'. Either it's a keygen or a crack. It can't be both.

    These 'vigilantes' were not very convincing in other ways either. Their 'keygen' has none of the signs of a valid release - not zipped/rarred, no .nfo inside, not listed on reputable release sites as a valid release...

    So basically they coded a 'moron trapper', and they scored thousands of IPs of morons. Could someone track people based on those IPs and remove them from the gene pool & improve humanity? Thank you.

  16. Re:Trojans by chivinou · · Score: 2, Funny

    What, the law doesn't protect you if you buy something illegal??? Harsh, man! Does that mean I shouldnt pay my dealer by credit card?

  17. Thank G0D... by WormholeFiend · · Score: 3, Funny

    they re not using pr0n to spread their trojans...
    -

  18. Typo by imbaczek · · Score: 2, Funny

    they have a website that updates in real time

    should read:

    they had a website that updates in real time.

  19. Last night on Slashdot IRC by bonch · · Score: 4, Funny

    <CmdrTaco> CD sales went up in Australia
    <Hemos> cool lets get an article up
    <Hemos> we'll call it "File-Sharing Increases CD Sales"
    <CmdrTaco> lol
    <Hemos> seriously. file-sharing is good. distributing someone's intellectual property is good
    <CmdrTaco> hey, did we ever get dailyslash shut down?
    <Hemos> not yet. you know some people actually think we have a double-standard for declaring them illegal?
    <CmdrTaco> rofl
    <CowboyNeal> hey guys
    <CmdrTaco> hey
    <Hemos> hi
    <CowboyNeal> some guys ar posting information on pirates
    <CmdrTaco> fuckers
    <Hemos> yeah, nobody should post information on people breaking the law
    <CmdrTaco> dude nobody's breaking the law
    <CmdrTaco> they're INCREASING CD SALES
    <Hemos> oh yeah
    <CowboyNeal> i'll get an article up and call them "vigilantes"
    <CmdrTaco> lol
    <Hemos> that'll get the discussions going...more page hits
    <CowboyNeal> ya
    <CmdrTaco> it sucks that people can't participate in the mp3 culture movement by illegally distributing other people's product
    <Hemos> i know
    <Hemos> hmm
    <CowboyNeal> ?
    <Hemos> isn't that a contradiction, since we expect everybody to follow the licensing restrictions of a GPL.TXT file and raise a piss if they don't?
    <CmdrTaco> rofl
    <CowboyNeal> haha
    <CmdrTaco> yeah expect everyone to follow the GPL...
    <Hemos> ya, i know..oh well, nobody said we were perfect
    <CmdrTaco> whatever gets page hits
    <michael> i'm perfect
    <CmdrTaco> you scare me