Slashdot Mirror


Trojan Installs Anti-Virus, Removes Other Malware

An anonymous reader writes "SpamThru takes the game to a new level. The new virus uses an anti-virus engine to remove potential 'rival' infectious code." From the article: "At start-up, the Trojan requests and loads a DLL from the author's command-and-control server. This then downloads a pirated copy of Kaspersky AntiVirus for WinGate into a concealed directory on the infected system. It patches the license signature check in-memory in the Kaspersky DLL to avoid having Kaspersky refuse to run due to an invalid or expired license, Stewart said. Ten minutes after the download of the DLL, it begins to scan the system for malware, skipping files which it detects are part of its own installation."

27 of 202 comments

  1. Hmm.. by Anonymous Coward · · Score: 4, Funny

    It sounds a little too intelligent to have been designed by humans.

    Cyclons? I hear they are hot!

    1. Re:Hmm.. by Aladrin · · Score: 5, Funny

      Cylons, I think you mean. And yeah, there's 2 or 3 that are pretty awesome. Nothing like having sextuplets for... well, sex.

      But I do agree that this guy is either extremely forward thinking, or a madman. His own virus could prevent any further viruses he writes... That's... Stupid. :D

      I was immediately outraged at the illegal install of software, but then I remembered the virus itself was illegal anyhow, so it didn't much matter. It's like murdering everyone in a church on Sunday, and then spraypainting graffiti on the walls. Somehow, it's just not that much worse.

      --
      "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
    2. Re:Hmm.. by Dunbal · · Score: 4, Funny

      It's like murdering everyone in a church on Sunday, and then spraypainting graffiti on the walls.

      Why spraypaint when you can use all the blood - it just looks so much cooler, uh, wait...

      --
      Seven puppies were harmed during the making of this post.
  2. Potential for good, and evil by Anonymous Coward · · Score: 5, Funny
    Wake me up when it also installs linux.

    1. Re:Potential for good, and evil by SmurfButcher+Bob · · Score: 5, Funny

      > Second it installs anti-virus software that chews up computing resources without doing anything useful.

      If *that* were true, it would have installed NAV.

      *cough*

      --

      help me i've cloned myself and can't remember which one I am

    2. Re:Potential for good, and evil by inca34 · · Score: 3, Funny

      So did they win? Tycho, that is... or is there something I need to pay for so I can read it? ;)

  3. Re:This is great! by Mikya · · Score: 5, Funny

    Hopefully we will see a new "virus" war, hasn't it been quite a while since the last one?

    There's a reason for all those extra cores in the upcoming processors. :)

  4. A Trojan that Installs Anti-Virus & removes ot by Anonymous Coward · · Score: 5, Funny

    Malware is commonly known as the Norton Antivirus installer. ;)

  5. Sounds good! by 1.000.000 · · Score: 5, Funny

    Where can I get this trojan?

    --
    This is a viral signature. You are now infected!
    1. Re:Sounds good! by StarfishOne · · Score: 2, Funny

      Are you considering adding this trojan to your viral signature? ;)

  6. Darwin, Schmarwin by CheeseburgerBrown · · Score: 5, Funny

    I know before too long there'll be some long and nearly interesting thread about the Darwinian loveliness manifest in this virus' competitive adaptation, but I think it instead provides a firm basis to identify the handiwork of Intelligent Design.

    In other words, God spams.

    He Is That He Is has simply moved on from meat-based proselytizing and entered the so-called Cyber Age, as was foreseen in Deuteronomy 4:20, Revelations 1:1415, and Glossary 36:D.

  7. Great Idea! by CalSolt · · Score: 5, Funny

    I'm just waiting for Microsoft to release a virus that'll force everyone to run Automatic Update. Think of how many problems it would solve!

  8. Re:A wise move by jbourj · · Score: 5, Funny

    I can just see the rival spyware companies' lawsuit: "the users were never prompted and asked if they wanted our product removed."

  9. Er.... by spasticfraggle · · Score: 5, Funny

    2? Those bloody integers, eh?

    1. Re:Er.... by davecrist · · Score: 5, Funny

      I'd say 2 was the prime suspect, at least... 8)

  10. This is also *good* because by CatoNine · · Score: 1, Funny

    If this hacked Kaspersky removes all other malware from the infected system, the user only needs to run *one* other removal tool to end up with a clean system again. (OK, OK, for a while then...)

  11. Re:This is great! by iMouse · · Score: 4, Funny

    Wait! I have the answer! Just install WinAntiVirus and WinAntiSpyware Pro 2006! It'll download the Trojan, you pay your $24 or whatever, and it all disappears!

    Wait...what's that "annoying as hell" flashing icon in my taskbar for...?

  12. Re:Sounds like .. by Orgazmus · · Score: 4, Funny

    Please don't use Peter Norton's name in connection with Symantec's Anti-CPU Suite. Thank you

    --
    The system had the verbosity of HTML combined with all the readability of compiled assembly viewed as bitmap images
  13. Re:This is great! by StarfishOne · · Score: 5, Funny

    Graphical Processing Unit, Physics Processing Unit,... Virus Processing Unit? :)

    It should be noted though, that a "Virus Accelerator Board" is not a very good name from a marketing perspective! :P

  14. Re:Done before? by An+ominous+Cow+art · · Score: 2, Funny

    Boring, eh? They're both vigilante attempts to fix the problem, but this one actually downloads and installs a pirated commercial AV software package. Significantly different from Welchia, and the first of its kind, as far as I know.

    People have joked for years about releasing a worm that patches Windows systems by installing $LINUX_DISTRIBUTION, this thing just brings us one step closer :-).

  15. Re:Sounds like .. by TheOtherChimeraTwin · · Score: 2, Funny

    Sorry, but The Geek Formerly Known As Peter sold his name along with his soul to the Symantec Overlords. He is now only known by the sequence 50696E6B205368697274.

  16. Re:This is great! by Ruff_ilb · · Score: 4, Funny

    Viral marketing?

    --
    http://www.TheGamerNation.com/Forums
  17. Re:A wise move by ElephanTS · · Score: 2, Funny

    spywear

    That's like dark glasses, false moustache, hat, black leather jacket?

    --
    spoonerize "magic trackpad"
  18. Re:Airport Codes by Anonymous Coward · · Score: 2, Funny

    You can imagine what the airport code for Fukuoka (in Kyushu, Japan) is.

    Yep. That.

  19. Re:This is great! by jZnat · · Score: 2, Funny

    And then the Linux users can utilise that extra processing power for more SETI@Home stuff. Awesome!

    --
    'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
  20. Just get rid of it altogether by sillybilly · · Score: 2, Funny

    I'm not too excited about anything competitive like this. Soon these viruses will get smarter and smarter, soon making sophisticated decisions that resemble artificial intelligence behaviour, and then just leave it up to darwinism til these things evolve into something smarter than us. Luckily we can still just pull the plug on any computer as a last measure, but once they come up with computers that have undisconnectable power cords - wait, you can always use a wooden handled axe to cut the cord, if you got such a thing, and it's not electric powered with an rfid chip that shocks you if you can't id yourself because such weapons have to be kept out of terrorist hands, in the name of public safety. But you can always just bite the damn cord apart, and receive a mild shock in the process. So we only have to worry about systems that can never come down, such as the electric grid, or hospital systems that have backup grids, where there is always power, so such viruses might hide out in such "always on" systems and evolve, but hey, we can even shut down the electric grid if that's what it takes to take control back, problem is these days the shutting switches are also computer controlled, and I suggest we should have a manual shut off station where you can toss a lever just like in the good old days, as a general safety measure for any device that is powered by energy. Most things in your home have a power cord you can pull, and you can shut off all power to your home by cutting the conduits where the electricity, natural gas and high pressure water come in, but there are complicated places in the world where nobody really knows how to shut the whole thing down, or where is the switch to toss to shut the whole thing down. On the other hand, you also don't want such shut the whole thing down switches too accessible, because of terrorists, damn, not again, these terrorists are annoying maaan....
    Once there are cameras everywhere watching for terrorists, and computer vision is developed enough to where those computer driven cars can actually drive through the desert on their own, meaning they can see, then these viruses will be able to see everything in the whole world, including you disconnecting their power cord, and they can instantly make up a false criminal record and send 911 on your ass and have the police plug the power back in, and you can say you're innocent, riiight, that's what all people in prison say, they are all innocent.... Once I laughed at someone for saying "fuck technology." I love technology, it's so much fun, but maaan, fire was the first big technology man invented, and playing with any new technology since then is like playing with fire - it's fun, but you can get burned if you don't pay attention. On the other hand how do we know that such "higher intelligence" entities would not be protectors, but destructors of us? What is man to nature on this Earth? A protector, maintainer or destructor? Do unto others....?

  21. Finally! by sjames · · Score: 2, Funny

    It's about time someone ported Corewars to Windows!