Seose 0.1.7b/0.1.9 malware warning
Post #140951 Seose 0.1.7b/0.1.9 malware warning

The old Seose download "seose-bin.0.1.7b.zip" hosted on sordie.co.uk has been detected as containing a trojan "Trojan.Agent-148430".

If you believe you may have downloaded and used Seose 0.1.7b in the past, please perform a virus scan on your computer, and delete any old copies of the download to prevent distribution.

12 years, 36 weeks ago
Post #140966 Re: Seose 0.1.7b malware warning

Oh the laughs I got off of this.  Good job on the heads up.

12 years, 36 weeks ago
Post #140970 Re: Seose 0.1.7b malware warning

YOU SAVED LIVES TODAY MAN

12 years, 36 weeks ago
Post #140971 Re: Seose 0.1.7b malware warning

Why would sordie put malware in her software o.o?

---
If money doesn't grow on trees, then why do banks have branches?
12 years, 36 weeks ago
Post #140984 Re: Seose 0.1.7b malware warning

So it will die.

---
http://www.torn.com/478456
12 years, 36 weeks ago
Post #141082 Re: Seose 0.1.7b malware warning

Lol EOserv people always hacking and giving people viruses. I won't download shit from yall lol.

12 years, 36 weeks ago
Post #141093 Re: Seose 0.1.7b malware warning

As erotic as I find "*wrangles Sordie over his knee and brandishes a paddle*" ;] I give you my word I have never added any malicious code to Seose. Assuming there has never been an upload from any other computer than mine (Sausage can check this as he has the logs, dates and knows my IP) then this is probably a false negative. Obviously I advise caution and if you're unsure then never run anything on your computer.

EDIT: Just upload this to virustotal. Here are the results:
https://www.virustotal.com/file/5ce5414b2dc5b2e30db2f84ba70f5585b85c4c71e0736d01411e64ffffb4a067/analysis/1335471528/

One suspicious result but the .exe file is exactly the same as the original on my personal computer so I'm pretty sure it's a false negative.

Oh wait, what am I saying XD lol I missed an opportunity here! Errr.. New stance: I was actually forced to write Seose by the devil and it has more viruses than a Las Vegas Hooker! Delete it! DELETE IT! =P

EDIT (EDIT):

First seen by VirusTotal
2010-01-29 09:39:58 UTC ( 2 years, 2 months ago )
Last seen by VirusTotal
2012-04-26 20:18:48 UTC ( 10 minutes ago )

So I'm guessing nobody has actually "hacked" sordie.co.uk and the zip has been the same for over 2 years =P



---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago
Post #141094 Re: Seose 0.1.7b malware warning

You scanned

File name: seose-bin.0.2.7b.zip

Sausage said: Seose 0.1.7b malware warning


Does the version matter? Also I'm not saying there's a virus because I used Seose ages ago and nothing of mine has gone missing (I hope XD)

---
"Do not take life too seriously. You will never get out of it alive."
12 years, 36 weeks ago
Post #141095 Re: Seose 0.1.7b malware warning
Standard posted: (26th Apr 2012, 08:37 pm)

You scanned

File name: seose-bin.0.2.7b.zip

Sausage said: Seose 0.1.7b malware warning


Does the version matter? Also I'm not saying there's a virus because I used Seose ages ago and nothing of mine has gone missing (I hope XD)


ha! Lol good point. I guess I'm dumb.. Scanning now XD

Holy crap. Eeek!. Nobody use this until I've investigated:
https://www.virustotal.com/file/8c9d2598ff5e99ef1d890d5f357c970b0ca79817e9ce59dead6e629779dabe0b/analysis/1335472835/
(this is the archive from my own computer, not a download from sordie.co.uk so it's the original)


EDIT:

THREAT IS REAL!

If anyone still has Seose 0.1.7b on their computers, delete it. The executable within the released .zip file looks nothing like original compile of that version and therefore should not be trusted in any way.

CRC-32's
Original:   E79A44B2
Infected: 29E3928B

I truly am sorry about this guys. I hope nobody has ever had any problem due to this but in all the time it has been in the public domain I have never heard anything so fingers crossed. Anyone worried about a compromise to their system should assure they have an up to date virus checker such as the free Microsoft Security Essentials installed and enabled.

*bends over ready for a community spanking* =S

EDIT: Posted this to sordie.co.uk front page via twitter, if you run/help/post on another eo community site then please post a link to this thread ASAP.

---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago
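
The comparison described in the post above (the released archive checked against the original compile by CRC-32), as an added example that is not part of the original thread. It reports the CRC-32 of the archive and of every member and labels any match with the two values quoted in the post; the member name `seose.exe` and the sample archive are constructed for the demonstration, and since the post does not say what the CRC-32 values were computed over, both the archive and its members are checked.

```python
import hashlib
import io
import sys
import zipfile
import zlib

# CRC-32 values quoted in the post above; what they were computed over
# (the archive or the executable inside it) is an assumption, so both are checked.
KNOWN_CRCS = {0xE79A44B2: "original", 0x29E3928B: "infected"}


def stream_crc32(fh, chunk_size=65536):
    """CRC-32 of a file-like object, read in chunks to bound memory use."""
    crc = 0
    for chunk in iter(lambda: fh.read(chunk_size), b""):
        crc = zlib.crc32(chunk, crc)
    return crc & 0xFFFFFFFF


def audit_archive(data, known=KNOWN_CRCS):
    """Return (sha256_hex, {name: (crc_hex, verdict)}) for a zip given as bytes."""
    report = {}
    crc = stream_crc32(io.BytesIO(data))
    report["<archive>"] = (f"{crc:08X}", known.get(crc, "unknown"))
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Recompute from the decompressed bytes; zipfile also raises
            # BadZipFile if the result disagrees with the stored header CRC.
            with zf.open(info) as fh:
                crc = stream_crc32(fh)
            report[info.filename] = (f"{crc:08X}", known.get(crc, "unknown"))
    return hashlib.sha256(data).hexdigest(), report


def make_sample_zip(payload=b"constructed sample, not the real executable"):
    """Build a constructed in-memory archive for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("seose.exe", payload)  # hypothetical member name
    return buf.getvalue()


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_sample_zip()
    digest, report = audit_archive(blob)
    print("SHA-256:", digest)
    for name, (crc_hex, verdict) in report.items():
        print(f"{verdict:9} {crc_hex}  {name}")
```

The SHA-256 it prints can be compared with the digest embedded in a VirusTotal file URL such as the ones linked in the thread. CRC-32 is not collision-resistant, so a match identifies a known build but an "original" or "unknown" verdict does not show that a file is clean.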
Post #141097 Re: Seose 0.1.7b malware warning


Hmm, how'd that get there? XD

---
Andrewbob - I would be on the fucking copter of rofls

Programmer, Web Developer, and Graphics Designer
12 years, 36 weeks ago
Post #141104 Re: Seose 0.1.7b malware warning

Spanks :]

---
Qbot/null
12 years, 36 weeks ago
Post #141109 Re: Seose 0.1.7b malware warning

I'm not sure what's more baffling, the fact that a "Compromise" occurred, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless? I guess maybe I could understand it if the older version didn't have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD

12 years, 36 weeks ago
Post #141128 Re: Seose 0.1.7b malware warning
vysen posted: (27th Apr 2012, 01:06 am)

I'm not sure what's more baffling, the fact that a "Compromise" occurred, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless? I guess maybe I could understand it if the older version didn't have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD

What baffles me is that Sordie still hosts software for download that she's trying to kill. o_O

---
Want to learn to pixel?
Pixelsource.org
12 years, 36 weeks ago
Post #141131 Re: Seose 0.1.7b malware warning
Cirras posted: (27th Apr 2012, 05:38 pm)

vysen posted: (27th Apr 2012, 01:06 am)

I'm not sure what's more baffling, the fact that a "Compromise" occurred, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless? I guess maybe I could understand it if the older version didn't have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD

What baffles me is that Sordie still hosts software for download that she's trying to kill. o_O

You make an extremely valid point :L

12 years, 36 weeks ago
Post #141134 Re: Seose 0.1.7b malware warning

Good points. Easily answered.


1) Nobody has recently modified old versions, this compromise is in the original release of 0.1.7b. Just it's never been found (or ever been a problem) until now.

2) I don't host, run, update or even own sordie.co.uk anymore. Sausage does. I can post on the front page because it just gets the content from one of my twitter accounts.

3) Um no three.. Just seems like I needed one =P


EDIT: Wild, all I can think of is back when Scott hosted sordie.co.uk. It was once compromised by bankhead and both the website, my computer and my hotmail accounts were compromised. Kinda glad Sausage hosted it for me as it was much more secure than what I ever got from Scott (although we all kinda still miss him)


I remember it well because he tried to blackmail me for my hotmail account and it all kinda went wrong for him from there XD.



---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago