Custom Trojan Creation Tool Sold Online

Finch writes "Net Security.org is reporting on the surprisingly sophisticated 'virus in a can' software called Pinch. Pinch is a tool sold on several online forums and designed to create Trojans. It allows attackers to specify the data that Trojans steal. One of the interface tabs, PWD, allows malicious users to select the type of password to be stolen by the Trojan: from email passwords to passwords kept by the system tools. It is possible to order the Trojan to encrypt this data when sending it, so that nobody else can read it. 'Pinch also lets users carry out other actions: turn infected computers into zombie computers, pack Trojans to make detection more difficult, and kill certain system processes, particularly those of security solutions.'"

obligatory

Yes, but does it run on Linux?

Re:obligatory

[phoenixwade]

Yes, but does it run on Linux? Better yet, Is it cross platform?

That sounds like fun

[Anonymous+Crowhead]

How much is it and where can I buy it? For, uh, research purposes.

Re:That sounds like fun

[Electrum]

I know you're joking, but what sort of fool would trust the seller with their own CC#?

Why does the card holder care? Your liability is limited to $50 by law, or zero by many card issuers. Merchants are the ones who lose with fraud, not the card holders or the credit card companies. In fact, the card company profits from fraud by hitting the merchant with a charge back fee in addition to reversing the transaction.

Re:That sounds like fun

[Whiteox]

Hey does anyone know how to read Russian?

Re:That sounds like fun

[FreyarHunter]

Not if you are a member of Key Bank. Bounced check deposits (from a paycheck no less) are removed as a "chargeback" with their wonderful fees thrown at the employee, who isn't... a... merchant. Seems a fun way to screw over your underlings for christmas, yeh?

nothing special

[sub7]

they were distributing trojans like this in the 1990s... sub7 anyone? ;)

Re:nothing special

[KillerCow]

Or the venerable Virus Creation Laboratory, ala '92.

Re:nothing special

[dave562]

You beat me to it. VCL was a great starting point for learning how to write virii. It was the first thing that I thought of when I read saw the article. [nostalgia]Sometimes I miss the days of Digital Decay and the NuKE vs YAM flame wars.[/nostalgia]

Re:nothing special

[UncleTogie]

VCL... Didn't "Nowhereman" set that up?

Re:nothing special

[Afecks]

I'm a trojan author so I'm getting a kick out of these replies...

No seriously, this is not a new idea. There was Senna Spy Trojan Generator many years ago. However, unless the generator actually generates the source code so you can compile it, I would call it a highly customizable backdoor, nothing more.

Re:nothing special

[UncleTogie]

I'm a trojan author...
Pardon my asking, but isn't admitting to that rather like stuffing bloody meat down your shorts and swimming with sharks?

Re:nothing special

[Antique+Geekmeister]

More like swimming with goldfish. Very, very few people actually have the willingness to jump through the awkward and painful hoops needed to act against crackers, especially to convict them. For every Kevin Mitnick who gets convicted, there are dozens and hundreds of far less aggressive and arrogant crackers who play in that world and just never draw that much attention.

Re:nothing special

[kdemetter]

I have a different theory : the more trojans and viruses get created , the more people will become security minded and install antivirus and firewalls .

So the people that write malware indirectly cause increased security.
So this is good news .

Re:nothing special

[Corwn+of+Amber]

Virus Creation Lab did not work. Does this one work?

Re:nothing special

[Antique+Geekmeister]

I see. And drunk driving leads to other people wearing seat belts and benefits their safety, right?

It's a very, very small silver lining on a very dark and expensive cloud that you're describing. The money wasted on expensive and system slowing virus software of limited usefulness could easily go to a backup system and the professional time to administer it, if the onslaught of malware weren't so amazingly aggressive and pervasive. It's especially bad in "public" networks, such as your average Starbucks wi-fi access area.

Re:nothing special

[Afecks]

I said trojan author, not user but yes the typical attitude aimed at malware authors is very damning. Being on "the list" isn't very fun either. Especially when nobody believes that you would write a backdoor but not use it or want people to use it in a nefarious manner.

You can draw many parallels between the gun control issue and malware. You don't blame the gun manufacturers for every gun related death do you? Well maybe you do but that's a moral question not a legal one (yet). However, removing all malware doesn't remove the desire from people to use it. Besides, the fact is that you could never get rid of all malware anyways so it's a moot point.

Re:nothing special

[UncleTogie]

You can draw many parallels between the gun control issue and malware. You don't blame the gun manufacturers for every gun related death do you?
No, but firearms have a lawful purpose: to defend your homestead. Malware, other than a learning exercise, has no lawful purpose.

Re:nothing special

[Antique+Geekmeister]

Well, I will admit that a worm can have a lawful purpose: to survey a corporate network for vulnerabilities and report back to owners of the network which machines are vulnerable. I've certainly broken into user accounts simply to demonstrate that their password practices and software configurations were unsound. By casting all such tools as malware, you're in danger of alienating people who do, in fact, simply poke around.

The difference is well illustrated by the infamous Robert Morris worm case. It was written to probe network security, and wasn't supposed to interfere with operations. What turned it from a network probe into malware was that it had errors, multiplied egregiously, and upon discovering that it was trashing systems worldwide Mr. Morris failed to warn anyone and instead spent the next 3 days trying to hide his traces. Considering that his father was the head of the NSA, it's not like he didn't have a good way to report it.

In fact, given that Robert's father was the head of the NSA at the time, I wonder if he didn't do it in part for his father or for the NSA, as a probe of network security that ran wild. It would explain how he stayed out of jail for it, and instead is now a professor of computer science at MIT. Fall guy for the NSA as a route to tenure? It's a fascinating idea, and difficult to disprove given the demonstrably criminal and historically ultra-secret nature of the NSA.

Re:nothing special

[Afecks]

Malware, other than a learning exercise, has no lawful purpose.
Well you just named 1 pretty big exception in the middle of your rule. I can name others.

Key loggers and traffic loggers are used by many parents to monitor their kids' activities and employers to monitor their employees.

Tools like Sub7 and Optix Pro can be considered merely unpolished, insecure versions of VNC, RemoteAnywhere, etc.

Rootkit-like behavior such as API hooks is used by Firewall and Anti-cheating software such as GameGuard.

Worms and viruses though don't have much of a use other than learning about how they work and how to stop them.

Nothing New

[KermodeBear]

There is nothing new here.

I remember back in my script kiddie days I was able to download programs that would put together a trojan or virus together from the various options the user selected. Press a button and viola! It generated an executable. This was ten years ago.

What's so new here? That fact that someone is commercializing it?

Well, good. If you have to shell out cash at least it will keep my 16 year old self from downloading it and causing annoyances.

Re:Nothing New

[geekoid]

Because no one would ever, never, ever put a free copy online somewhere?

Re:Nothing New

[dbrecht]

Sub 7 Defcon I think it was advertised as a free tool to remotely control a computer. But it also allowed you to have the remote computer send an email or ICQ message whenever it was online with its current IP address. Then you could connect to it and do a variety of things: Delete/Move/Upload/Download Files Print things Run any programs Change system settings Open/Close Optical Drives Or so I heard...

Re:Nothing New

Yeah, Sub7 was great. I thought the most entertaining feature was being able to quickly and easily set the user's desktop wallpaper image. It didn't take long to sniff just enough of the Sub7 protocol to be able to develop a tool that would a) scan huge swath of netspace for Sub7 b) login c) download a .jpg d) set wallpaper. A lot of people back in the late 90s woke up to find that overnight, their wallpaper had changed to a photo involving a cucumber and a very hairy receptacle.

Being able to pop custom modals was pretty fun, too. "ERROR: Insert penis into CD-ROM drive to continue operation! [OK]," followed by the CD tray immediately ejecting itself, probably freaked a few people out.

Oh, to be young again, those were the days...!

Re:Nothing New

[misleb]

Ahh, Virus Creation Lab. What memories. Brings me back to the days when viruses were pleasure, not business.

Re:Nothing New

[nurb432]

Yes, the fact its now a "business" is what is ( sort of ) new here.

It also makes it all that more irritating and pathetic.

Re:Nothing New

[Rideak]

oh man, what about looking at people on their webcam and using the text to speech tool to speak to them over their speakers. ahh the day's of windows 98.

I'm not scared...

[rob1980]

If anybody tries to install a trojan on my computer, I'll hit them back.

With Winnuke95.

Re:I'm not scared...

[dave562]

I will see your Winnuke95 and raise you a Goldbug.

Re:I'm not scared...

[Riceo]

I wrote the DaVinci Worm and totally hacked the Gibson.

Re:I'm not scared...

[Adambomb]

And a pepsi... .c

After all those

[rrohbeck]

"1NCRE@SE Y0UR PEN1S S1ZE 25% 1N 2 WEEKS!" programs I definitely need custom Trojans.

Re:After all those

[Jherek+Carnelian]

1NCRE@SE Y0UR PEN1S S1ZE 25% 1N 2 WEEKS!" programs I definitely need custom Trojans.

Ah, that is unless you've followed the instructions from this oldie but goodie:

--

Follow these instructions EXACTLY, and in 3 to 6 weeks you will have received well over 50,000 inches of penis, all yours. This program has remained successful because of the inadequacy and vanity of the participants. Please continue its success by carefully adhering to the instructions.

Welcome to the world of Mail Order Penis Enlargement! This little business is a little different than most cosmetic surgery. Your product is not solid (sic) and tangible, but rather a service. You are in the business of extending penii. Many small of endowment are happy to pay big bucks for this service.

(The money made from the penis enlargement is secondary to the income which is made from people like yourself requesting that they be included in that list.)
# Immediately cut off your penis at the base.
# Cut off the head of your penis, and pack it in ice.
# Take the remaining midsection of your penis, and cut it into 5 pieces of equal length.
# Immediately mail each piece to the first 5 names listed below starting at number 1 through number 5. Send penis only please (total investment your penis). Enclose a note with each piece stating: "Please add my name to your mailing list." (This is a legitimate service that you are requesting and you are paying your penis for this service).
# Remove the name that appears number 1 on the list. Move the other 9 names up one position. (Number 2 will become number 1 and number 3 will become number 2, etc.) Place your name, address and zip code in the number 10 position.
# Post the new letter with your name in the number 10 position into 10 (Ten) separate bulletin boards in the message base or to the file section, call the file, MAKE.PENIS.FAST.
# Within 60 days you will receive over 50,000 inches of PENIS. Keep a copy of this file for yourself so that you can use it again and again whenever you need penis enlargement. As soon as you mail out these letters you are automatically in the mail order business and people are sending you their penis to be placed on your mailing list. This list can then be rented to a reconstructive cosmetic surgeon that can be found in the Yellow Pages for additional income on a regular basis. The list will become more valuable as it grows in size. This is a service. This is perfectly legal. If you have any doubts, refer to Title 18, Sec. 1302 & 1341 of the postal lottery laws.

NOTE: Make sure you retain EVERY Name and Address sent to you, either on computer or hard copy, but do not discard the names and notes they send you. This is PROOF that you are truly providing a service and should the AMA, FDA, or some other Government Agency question you, you can provide them with this proof!

Remember as each post is downloaded and the instructions carefully followed, five members will be reimbursed for their participation as a Penis Enlarger with one inch of penis each. Your name will move up the list geometrically so that when your name reaches the number five position you will be receiving thousands of inches in penis.
# Daniel J. Karnes, 6394-B Tawney Bloom Mogi Donuts, MD 21045
# Newt Gingrich, Speaker of the House of Misrepresentatives, Washington, DC 20515
# Emil T. Chuck 6394-A Tawney Bloom, Mogi Donuts, MD 21045
# Charles Wilson 7690 Karnesville Road, Phobic, MI 48348
# William Davenant 8295 Hiding Closet Rd, Clarkston, MI 48348
# Peter Ruckman 14805 Rivercrest, Sterling Hts., MI 48312
# Steven Crisp 3718 Kings Point, Troy, MI 48083
# Mark Gengler 5748 Patterson, Troy, MI 48098
# Pat Robertson 666 God's Little Homophobe Road, Anti-Christ Hills, VA 48307
# Jesse Helms 20840 Tobacco Mercenary Street, Lung Cancer Hacks., VA 48038

Dear Friend,

My name is Daniel J. Karnes. In September 1988 my life was repressed and the bible thumpers were hounding me like you wouldn't believe. I

Only 10 years? How about 1992?

[khasim]

http://vx.netlux.org/vx.php?id=tv03
I still remember the password was chiba city.

Re:Only 10 years? How about 1992?

[drspliff]

Oh the days :)

"Mum, look I created my first virus"

They bearly worked and I understood nothing about the internals, but VCL is definately a prime example that this has been done many times before and is nothing new.

well you're obviously not the intended market

[JeanBaptiste]

anyone who would use one of these would likely download a pirated version.

Re:well you're obviously not the intended market

[morari]

Which is, itself, a Trojan...

Re:well you're obviously not the intended market

[X0563511]

Please stand by as space-time folds in upon itself.

Re:well you're obviously not the intended market

[TeknoHog]

Or as a Trojan unfolds upon my, you know.

Re:well you're obviously not the intended market

[gasmasher]

No. I don't know :(

Re:well you're obviously not the intended market

[Elite_Warrior]

is the call toll free ??

Re:well you're obviously not the intended market

[Antique+Geekmeister]

And provides its own virus protection from itself?

I've actually heard that proposed, to send out worms via common holes to go block those holes on unsuspecting victim's computers, as being more effective than making them download patches.

"Do-It-Yourself Trojans"

[Fedorpheux]

A great slogan for this program, but I bet our latex buddies have an entirely different interpretation of that...

Re:"Do-It-Yourself Trojans"

[Penguinshit]

"Don't go off unsafe; be cock-sure! Come prepared with Trojan Condoms!"

Aww yeah! Custom Trojan Creation Tool! Giggety!

[Greyfox]

I'm going to design mine with the ribs on the inside! For my pleasure! Aww yeah!

What I wonder...

[misleb]

I wonder who actually pays for these tools? Seems like such a tool would be freely downloadable after teh first purchase. I mean, it isn't like the author is going to try to sue you or anything (though maybe he'll DDoS your download site). It would be like a drug dealer calling the cops because someone stole his supply.

-matthew

Yeah, and no drug dealer would do that...

[benhocking]

Oh, wait... ;)

I'd like to see the EULA

[NotQuiteReal]

Does anyone have a copy of the EULA for that software?

Re:I'd like to see the EULA

[CautionaryX]

EULA

By agreeing to the purchase and install of Trojan-o-Matic, hereby called the 'Software', you agree to host 'x' amount of porn or phishing sites. The amount is determined by the Software according to its use and the creator of the software. At any time, you submit your computer to be a host server for the Software Creator's Nigerian email server. That is all.... oh, and your bank account is empty.

Re:I'd like to see the EULA

[Havenwar]

EULA, Pinch, 2.60
I reserve the right to go ballistic on your ass if you rip me off. (But feel free to redistribute if you include your custom trojan in the file.)

EULA - most other software
[four to six pages of nonsense much of it in all caps, mainly stating the exact same as above with the exclusion of the parenthesis but adding a page or two basically saying "I can also castrate you with a dull wooden spoon if you do something I would rather you pay me extra to get done."]

Re:Scary stuff to be sure

[realmolo]

Eh. Trojans/rootkits/viruses built form these "kits" tend to all be very similar. Essentially, if you defend against one, you're defended against all the others.

Never mind the fact that it's a fucking KIT. If YOU can download it, so can the anti-virus people in order to figure out how to detect viruses made with it.

The interesting thing about modern viruses/trojans/whatever is that very few of them are really *viruses* anymore. They rely almost completely on simply getting a user to manually run (or at least give permission to the system to run) an obfuscated executable. It's sad that the technique is so successful.

Re:Links to forums.

[Victor+Antolini]

This is news? There was a trojan generator, created in Brazil, by the name Senna Spy. It was created in 1999.

Beginning of a glorious new industry...

[barwasp]

and soon BSA campaigns are screaming, You wouldn't steal a trojan creation tool...

Damn, yes I would

security solutions?

[Sloppy]

kill certain system processes, particularly those of security solutions.

If you run trojans, can it really be said you have a security solution to be killed?

Re:security solutions?

[Sloppy]

You miss my point. If the user thinks it's ok to run untrusted software (even in cases where the software does not happen to be on anyone's blacklist), then they don't have a security solution. They just have a security illusion. That user could update their signatures 24 times per day, and they'll still be a sitting duck.

If I want you to run my trojan, why would I send a copy of my trojan to your malware-scanning software vendor first? That's like the Greeks sending the Trojans a letter the day before they presented the horse, saying, "watch out, we have soldiers in the horse." The whole point of a trojan is that you don't tell anyone what it is, until after you've killed them. Trojans cannot be detected until the secret's out. The only way to protect yourself, is to not drag a giant wooden horse inside your walls, even if you don't happen to know it contains Greeks. You have to look inside it. If you don't know how to look inside it, then leave it the fuck alone! That policy is the only "security solution" that actually works. Anything else, shouldn't be called "solution."

Re:Torrent?

[Havenwar]

Oh, actually a search for "pinch" on emule turns up quite a plethora of results... although once you've sorted out the porn and downloaded a few exe files (yes I know, for most geeks this is the exact reverse of the normal process), for some odd reason antivirus warnings start to pop up... apparently two out of three pinch downloads was infected with "Win32/PSW.LdPinch.P4 trojan" and the third with some other crap that I forgot to write down.

You can almost see the scriptkiddies sitting there with their brand new trojan going... "hmm, now if only I had some program to trick people into downloading... something I could merge my trojan with to start off my botfarm. Something I could put on fasttrack, and maybe emule... something idiots would download and run even if their antivirus goes off. Hey wait a minute, I'm an idiot and I just ran pinch even though 'norton' told me it was bad for me!"

slashvertisment?

[muszek]

it's the first slashvertisment that makes you search for the shop yourself...

Re:Torrent?

[PCM2]

apparently two out of three pinch downloads was infected with "Win32/PSW.LdPinch.P4 trojan"

Did you stop to think that maybe the construction set was identified as a Trojan because it ... you know ... contained the code for a Trojan? As in ... if it tripped your antivirus then you probably had the right one.

Name change

[blueforce]

Either the black-hats or the condom company, but someone has to change the name of their product.

These subject lines are killing me.

Re:Name change

[X0563511]

I would say the condom company.

Trojans (virus) have a lot in common with the Trojan Horse of mythology. What does Trojan Condoms have to do with Trojans? NOTHING. A BRAND AND LOGO.

I want Spartan Condoms!

Mod me flamebait, but

[postbigbang]

Since I have to take care of a lot of machines of people that get these things, my otherwise non-violent nature would like to find the authors, well, in a Turkish prison. Yes these things have been sold on the net for a long damn time, but I've also had to scrape, reformat, debug, and otherwise keep hapless unwitting people from the damage these things do. They're often chained to using Windows whether they want to or not.

I've seen them spend hundreds of dollars on both prevention and cure, only to get owned again. This isn't about Microsoft, this is about guys that are the seeming equivalent to those that might cut brake lines in a car. The outcome isn't injurious physically, just emotionally/mentally and financially.

My hacker instinct says always continue to hack and explore and try and break things, but selling trojans seems way over the top. No fucking 'let them download Ubuntu or get a second mortgage for a Mac' shit. This is real, this is vulgur, and this is a business plan for bright guys gone bad.... and I don't get paid for scraping this crap.

Re:Mod me flamebait, but

[Corwn+of+Amber]

Well, install MacOSX on their PCs and tell them "it's as much like Windows as a new mobile phone's interface resembles an older one." Install MS Office too, so they won't even have to try OpenOffice (and then inevitably ask why the hell it takes half an hour to load).

I don't want to preemptively answer the counter-arguments to this. I'm right anyway. Normal people don't NEED windows. There is software to do e-mail, web, chat, office, HTPC, taxes, office, whatever - on Linux. And if they need Adobe or other professional must-have software (sound, video, 3D, whatever), it's not like running OSX technically requires to buy a Mac... (and it's much easier to install than any real true BSD, too. I can tell, I'm posting this from my Hackintosh.)

Re:Mod me flamebait, but

[Thing+1]

[...] and I don't get paid for scraping this crap.

<adam savage> Well there's yer problem! </adam savage>

Respectable

[neochromatic]

As much as I despise the concept, I respect the authors of this program. They are putting forth time and effort to create a product that can be used by others. Instead of whining about such a lack of a program on an online forum, or creating a conspiracy as to why such a program doesn't exist, they went out there and made it happen. I've seen and known quite a few people who would have done just the opposite. Instead of going out there and finding and creating a solution for their problems, they instead would opt to blame their personal problems on everyone but themselves. Some even going so far as to draft up elaborate conspiracy theories to explain their own inadequacies. I won't point any fingers, but I've even seen a person exactly like this on Slashdot. Best of luck to the authors of this product. Despite my distaste for what they have created, I have respect for them. Hopefully the "oppressed" in this world will take note, most likely not, though.

Whoever wrote that and released it ...

[ScrewMaster]

needs to have his liver removed with hot pincers.

Re:Whoever wrote that and released it ...

[mechapants]

removed yes, but in a donatable state would be best for everyone.

Difference between Good and Evil

[HomelessInLaJolla]

I had to modify the following post to take any direct references as I have no way of knowing if you, personally, actually made use of your exploits outside of your own private testing environment...

I guess that's the difference between real tao programmers and script kiddies.

I _could_ have engaged in the same things that script kiddies did, exploiting other people for personal amusement and/or gain, but made a conscious decision not to. I saw the links, I looked at the downloads, the ftp sites, and the web pages. I _could_ have become involved in that sort of thing.

But, and I guess a significant majority of the population is lacking this little definition in their upbringing, I decided that there were far better uses for my intellectual ability... You know, something productive, something which would benefit people, something which didn't rely on targetting and exploiting others' ignorance.

The actions of script kiddies (and don't take this personally because you're part of the greater population) remind me of taking the lunch money from a quadrapalegic.

What's really sick is that most of them got a real kick out of it--and they're the asshats that I'll have to work next to in the professional world.

Re:Difference between Good and Evil

[HomelessInLaJolla]

You haven't even asked for my resume, nor have you asked about my skills and experience, nor have you asked what I'm qualified to do, nor have you offered me a list of your available openings. All you want to do is rant. Tech companies can spend nearly a hundred thousand dollars bringing an H1-B applicant online but they can't give me a little boost out of this situation? Sounds like a fishbowl.

You qualify for the standard response...

Thank you for visiting Slashdot, yet again, to post a followup to my writings.

I am convinced that you are not a stalker. I am also convinced that you have some intellectual ability of your own.

It has become clear, over the last six months, that you do not like the topics which I choose. It has also become clear, over the last six months, that you do not like what I have to say about those topics. It has also become clear, over the last six months, that you will never relent in your demonstrated goal to follow up nearly everything which I post with an anonymous reply filled with derision, scorn, disdain, challenge, and vitriol. It is also clear that you have not made a single original post of your own but, rather, you exist only by coattailing on thoughts which I express.

So here's your big chance: Sign up for an account, watch the front page, and post some original material or original thoughts of your own. Then e-mail to me a link to your particular post and I will make an honest and sincere effort to demonstrate for you what a constructive, and perhaps even a constructively critical, response would look like. Through a possible miracle it may happen that we could reach some sort of reasonable discourse rather than you simply following every post that I make with more of your challenges, disdain, scorn, derision, and vitriol.

Wouldn't you like to make Slashdot a better place? I sure would. Here's your chance to demonstrate that you have any capacity at all to express your own thoughts.

Ahhh

[hmmdar]

You know i was kind of disappointed to see this was about computer viruses, was hoping it was about Trojan the Condoms

Re:Torrent?

[EVil+Lawyer]

He did consider that. His point was that precisely because of what you're saying, people will run a file that's supposed to be Pinch, even if they see a virus warning. Therefore, it would make sense for people who want to create a botfarm to make a virus with Pinch, and then throw it up as a torrent and say it IS pinch. Get it?

Actually...

[His+Shadow]

The question is does it run on *anything* aside from Microsoft Windows XP with IE and Outlook?

Because I find it amusing that they can write these articles and not give any useful information as to what systems are affected buy such a program.

But then I guess most of us already know the answer.

Free Trial

[plaxion]

You can get a free trial here.

Oh, wait...

Any skilled Hacker

[perlhacker14]

Any skilled hacker could create their own trojan or malicious software. If a ninth grader can do it in a combination of Perl and MASM, I am sure that any smart person might be able to apply their brains to create anything. Of course, creating these are a waste of time and gain nothing, so...

The Future of Anti-Virus

[Nom+du+Keyboard]

I'm believing that the future of anti-virus/rootkit solutions has to be a live CD that runs fully independently of the host system and software being scanned.

Re:The Future of Anti-Virus

[Urza9814]

They already have quite a few of those. I knew if you actually buy Norton anti-virus (not that anyone ever would...horrible software...I've had to fix so many computers that it totally fucked), the CD will boot to a virus scan. Problem is there's no real way to update the virus definitions.

Re:The Future of Anti-Virus

[Corwn+of+Amber]

There is. The computer is connected by Ethernet to a DSL router in most cases, so creating a ramdisk to download updated definitions is very very possible. And all but a few computers that still run now have USB ports, so you can stick a key with up-to-date definitions in there too.

If the LiveCD is good enough, it will detect the minimal hardware needed to do its job ... read the defs from the 'Net or USB device ... scan, delete infected files ... reboot. The whole process could be made to be automatic and never require user intervention.

Is it free and open source?

[WK2]

No? Then I'll just stick with bo2k. Free, open source, and probably more mature than the advertised program. Thanks for the spam, slashdot.

The price of the server is peanuts.

[symbolset]

It's the per client licenses that kill your budget.

You fail it.

[symbolset]

You seem smart. Nevertheless you're solving the wrong problem. Solve the right problem and it will be ok.

Re:Torrent?

[Havenwar]

Well, yes. Hence why I found it amusing that only two out of three downloads (of exactly the same files according to filename and versions and all... except filesize) warned about that particular trojan, which could logically be an indication of it containing the code it will later use. The third occasion warned for another trojan, which means that either that was the correct one, or it was infected with another trojan. Of course they were all infected, as was blatantly obvious hours later when I sandboxed them and tried the program out without antivirus protection.

Unfortunately for cheapskate scriptkiddies, only older versions of pinch is available free through simple means. To get the later version you'll have to cough up or have good connections. Unfortunately for the rest of us, older versions still do the trick... but then that is nothing new, there has been script kiddies with custom virus and trojan kits since the early days of the world wide web, so I don't think this is anything to panic over either.

Although fun to play with. And oh so tempting to bundle it back in itself and share on the mule. With a custom trojan contantly pinging the whitehouse with emails about terrorist threats.

Custom Trojans

[coren2000]

I need custom Trojans because Im just so well endowed.

ahhh.... who am I kidding....??

Re:Custom Trojans

[Lithdren]

Nobody

I like my trojan to have a custom fit too

[NoBozo99]

with ribbing to please the ladies. ;-)

Re:Executive Order 9877389291

[Lithdren]

Virii? YOU honestly believe Bush would know to use the term Virii?

Way to break the mood!

Re:Torrent?

[nacturation]

Here's a handy search tip: let's say you want to look for the movie Harry Potter in Shareaza. Reverse the word order so you search for Potter Harry, apply the filter -"Potter Harry" and you'll get the results you're looking for minus all the viruses, spyware, and trojans which (at least presently) use the exact order of what you search for.

Re:Torrent?

[Havenwar]

Good tip, but if I understand it right it would counter only malware that renames themselves to your search query, and I have yet to encounter any of that on the emule network. I guess it is predominantly on the fasttrack network? Or possibly a tip for those who have a server list infected with fake servers.

Re:Torrent?

[nacturation]

Yeah, it seems to be the Gnutella2 network. I just did a search for: havenwar 867124 and here are some of the results:

1.20MB: tUboO @ havenwar 867124 1 (uCF)[x].zip
559KB: Angel havenwar 867124 1 [New Version] Vocal.wma
355KB: [LiveStream] havenwar 867124 1 @256kbps Extended.wma
1.30MB: (CDZ) havenwar 867124 1 (full)(Divx).zip

Status is all green checkmarks with multiple sources, reporting 16 or 24KB/s download speed, and some show a five-star rating.

Re:Executive Order 9877389291

[rantingkitten]

Considering that "virii" is a made-up, non-English word, then yes, I can believe Bush using it and being mocked in the media the next day for another brilliant Bushism. The proper plural is "viruses".

Hate to be the one who bears bad news. And by the way, "boxen" is not a real word either.