Trojaned build of DC++ found in the wild

vbimport

#1

We have received word that a trojaned version of DC++, which is a P2P program, is available for download on several legitimate sites, including download.com.

From what we know only build 0.668 is affected. The trojaned version installs several pieces of malware onto the system upon execution of the installer.

It installs TrojanDownloader.Win32.Istbar.er, Trojan.Win32.Krepper.ag and Trojan.Win32.Agent.ba - these files are all in a way related to the installation of AdWare.

Once again we’re seeing that a single package is downloading a huge amount of AdWare. All in all we detected about 50 infected objects on an infected system.

It’s interesting to note that the trojaned version of DC++ is actually smaller in size than the clean one.

The size of the clean build is 2.452.326 bytes while the trojaned version is 2.385.151 bytes in size.

We advise everybody who has installed DC++ build 0.668 to check their systems properly for infections.

MD5 for clean version: 9041a4c53a30bb45fcd6a81669241045
MD5 for trojaned version: 02ffde276505191525e84cf084cb85e9

Update:
Cnet has been notified and is taking steps to remove the malicious DC++ package from download.com.
source: Viruslist.com

so watch out where you download your software :cop:
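
The sizes and MD5 values quoted in the post above, turned into a check for a downloaded installer or a whole download folder. This is an added example, not part of the original post or the Viruslist advisory; the function names and the sample file are constructed for illustration.

```python
import hashlib
import os
import tempfile

# MD5 -> (verdict, size in bytes), as published for DC++ build 0.668 above.
KNOWN = {
    "9041a4c53a30bb45fcd6a81669241045": ("clean", 2452326),
    "02ffde276505191525e84cf084cb85e9": ("trojaned", 2385151),
}

def file_md5(path, chunk=1 << 20):
    """Hash the file in chunks so large installers are not read into memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def classify(md5_hex, size):
    """Return a verdict for one (md5, size) pair."""
    hit = KNOWN.get(md5_hex.lower())
    if hit:
        verdict, expected_size = hit
        # A listed hash with a different size means the inputs were mixed up.
        return verdict if size == expected_size else "inconsistent"
    # Size alone proves nothing, but a match is worth a closer look.
    if size in {s for _, s in KNOWN.values()}:
        return "unknown-size-match"
    return "unknown"

def check_installer(path):
    return classify(file_md5(path), os.path.getsize(path))

def sweep(directory):
    """Classify every regular file in a download directory."""
    results = {}
    for entry in sorted(os.scandir(directory), key=lambda e: e.name):
        if entry.is_file(follow_symlinks=False):
            results[entry.name] = check_installer(entry.path)
    return results

if __name__ == "__main__":
    # Constructed sample: a dummy file, not a real DC++ installer.
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "DCPlusPlus-0.668.exe"), "wb") as f:
            f.write(b"constructed sample bytes")
        print(sweep(d))
```

A "clean" verdict only means the file matches the MD5 the post lists as clean; an "unknown" file is neither of the two listed builds and should be compared against the project's own download.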


#2

ahahha - you should always go http://sourceforge.net/projects/dcplusplus/ it seems :smiley:


#3

man go to www.revconnect.com they are trojan free


#4

the moment i posted this thread i just knew you were going to say that.
almost start to believe you got some shares in revconnect :wink:
but must agree that it really is a good client. with popular files i’m always on my max download speed :slight_smile:


#5

:stuck_out_tongue: i can’t help myself when it comes to that program it is just that is the best program for peer 2 peer share so i am trying to tell as many as i can


#6

And it adds extra people to download from too, not that you were thinking like that … :wink:


#7

lol never thought that lol now that you made me think of it www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com www.revconnect.com
download revconnect and get free porn when you do :bigsmile: :stuck_out_tongue:


#8

lol, i know, i don’t think i’ve seen a p2p oriented thread w/out Vegeta-inc pimpin revconnect. i may have to try it sometime, but you know that whole reverse psychology thing :wink:


#9

ok ok i will not say one more thing about that program {www.revconnect.com} again i just didn’t think i was going on about it that hard sorry guys.


#10

we’re just joshin’ ya man…it really doesn’t bother me.


#11

it was just when you guys said that i knew you would post rev up and saying shares in rev i went back through some of the old posts that i did man like almost 99.9% i put in revconnect download it use it love it just made me think that you guys might get sick of me going rev this rev that but i will try to slow down on pimping my beloved " www.revconnect.com " :stuck_out_tongue: had to add that


#12

LMAO


#13

Keep in mind that revconnect has requirements of At Least 1Mb/s download bandwidth…
The vast majority of the world is still somewhere between dialup & 1Mb/s …
Pimping Revconnect does no favours … especially if people that don’t read the details install it and find it extremely wanting on their low bitrate connections …


#14

Just tried revconnect it’s great! much better than normal DC++! great download speeds! :eek:


#15

just remember, THESE guys were using the DC network so be smart:
http://www.cdfreaks.com/news/11261


#16

:rolleyes: WTF wow they are cracking down hard. but like come on what do they think they are going to get happening "stop to all peer 2 peer" man if they go the way they are it will go like hacking did. You know someone out there is hacking some company but you never hear that they did or didn’t. If they go on trying to ban peer 2 peer it will just go underground and the ones with the thought in their head of “hey i want to peer 2 peer how can i do it” will be the ones that do peer 2 peer and from what i know there is a thing in the usa called defcon where hackers meet and talk about hacking and all that so what is next a thing called peer where all the peer 2 peer hackers go to meet and talk about peer 2 peer things they do. I say wake up you can’t stop something when it started around the time pc’s did so if you want to stop peer 2 peer stop making pc’s. But what about the friends thing i have burned games for friends so now the dof i think it was is going to come and sue me it.


#17

i agree p2p will never go away and they need to adapt or die. just saying…be smart about it.


#18

sorry but you’re wrong
as you can read on the revconnect website you need at least a 1Mbit/s connection and not 1Mb/s to download from multiple sources


#19

yea i know where you are coming from it is just when i saw what happened :rolleyes: just cus they hosted a hub…

p.s it is not just for 1mbit connection i got mates on dial up and they use it too it is just some hubs don’t let you in with less than 1mbit connection


#20

If you are gonna be a smart ass, at least get your details right first.

FYI:
1 megabit per second is denoted with a lower case “b” = 1Mb/s
1 megabyte per second, which is 8 megabits per second , is denoted as 1MB/s.

Don’t forget that ‘mega’ is denoted with a capital ‘M’ (otherwise it describes the metric distance unit ‘metres’) and that seconds are denoted with a lower case ‘s’.

For all intents, broadcast media are always described in bits (Mb/s) as they are a serial transmission, whereas internal to computers, and a few other external things like parallel ports will be described in “bytes” per second as they are parallel technologies.
An exception is SATA which is a serial type transmission, but is described in Bytes per second as a comparison with the parallel ata technology which preceded it.

Enough for you?

As an example … you will find that ISPs advertise their connections in Mega Bits per second … but you will max out in speed at less than 1/8th of their reported speed in windows, as windows reports in bytes per second …

Did you never wonder why your 56Kb/s dialup always maxed out around 7-8KB/s?