Dragon Soldier
One of the Regulars
- Messages
- 288
- Location
- Belfast, Northern Ireland
If this is considered too naughty feel free to delete.
I know we really shouldn't discuss dodgy P2P sites/packages but I wanted to warn anyone who might be tempted to visit them purely for research purposes.
Someone, or some group of people with a reasonably good knowledge of the swing scene has 'seeded' several networks with a trojan disguised as properly tagged .wma files.
I have no idea how they do it, but when you attempt to play the file you'll get a pop-up asking you to run codec.exe (smart, eh?) which is the payload.
It's not the typical P2P response which simply echoes whatever you search on and is easily enough spotted, but something that looks like a proper music file - with correct artist etc.
I have noted them on both Gnutella and 'donkey' networks.
Just thought it worth mentioning
I know we really shouldn't discuss dodgy P2P sites/packages but I wanted to warn anyone who might be tempted to visit them purely for research purposes.
Someone, or some group of people with a reasonably good knowledge of the swing scene has 'seeded' several networks with a trojan disguised as properly tagged .wma files.
I have no idea how they do it, but when you attempt to play the file you'll get a pop-up asking you to run codec.exe (smart, eh?) which is the payload.
It's not the typical P2P response which simply echoes whatever you search on and is easily enough spotted, but something that looks like a proper music file - with correct artist etc.
I have noted them on both Gnutella and 'donkey' networks.
Just thought it worth mentioning
