Sausage
 Administrator
Joined: 26th Jul 2008
Posts: 1346
 Seose 0.1.7b/0.1.9 malware warning
The old Seose download "seose-bin.0.1.7b.zip" hosted on sordie.co.uk has been detected as containing a trojan "Trojan.Agent-148430".
If you believe you may have downloaded and used Seose 0.1.7b in the past, please perform a virus scan on your computer, and delete any old copies of the download to prevent distribution.
12 years, 36 weeks ago
|
vysen
Joined: 29th Mar 2009
Posts: 117
Re: Seose 0.1.7b malware warning
Oh the laughs I got off of this. Good job on the heads up.
12 years, 36 weeks ago
|
Saber
Joined: 22nd Feb 2012
Posts: 204
Re: Seose 0.1.7b malware warning
YOU SAVED LIVES TODAY MAN
12 years, 36 weeks ago
|
DanScott
Joined: 19th Aug 2010
Posts: 1212
Re: Seose 0.1.7b malware warning
Why would sordie put malware in her software o.o? ---
If money doesn't grow on trees, then why do banks have branches?
12 years, 36 weeks ago
|
Re: Seose 0.1.7b malware warning
So it will die.
---
http://www.torn.com/478456
12 years, 36 weeks ago
|
Re: Seose 0.1.7b malware warning
Lol EOserv people always hacking and giving people viruses. I won't download shit from yall lol.
12 years, 36 weeks ago
|
Sordie
Joined: 3rd Apr 2009
Posts: 2044
Re: Seose 0.1.7b malware warning
As erotic as I find " *wrangles Sordie over his knee and brandishes a paddle*" ;] I give you my word I have never added any malicious code to Seose. Assuming there has never been an upload from any other computer than mine (Sausage can check this as he has the logs, dates and knows
myIP)thenthis is probably a false negative. Obviously I advice caution and if you're unsure then never run anything on your computer.
EDIT: Just upload this to virustotal. Here are the results: https://www.virustotal.com/file/5ce5414b2dc5b2e30db2f84ba70f5585b85c4c71e0736d01411e64ffffb4a067/analysis/1335471528/
One suspicious result but the .exe file is exactly the same as the original on my personal computer so I'm pretty sure it's a false negative.
Oh wait, what am I saying XD lol I missed an opportunity here! Errr.. New stance: I was actually forced to write Seose by the devil and it has more viruses than a Las Vegas Hooker! Delete it! DELETE IT! =P
EDIT (EDIT): First seen by VirusTotal
2010-01-29 09:39:58 UTC ( 2 years, 2 months ago )
Last seen by VirusTotal
2012-04-26 20:18:48 UTC ( 10 minutes ago )
So I'm guessing nobody has actually "hacked" sordie.co.uk and the zip has been the same for over 2 years =P
---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago
|
Standard
Joined: 2nd Oct 2011
Posts: 1417
Re: Seose 0.1.7b malware warning
You scanned
File name: seose-bin.0.2.7b.zip
Sausage said: Seose 0.1.7b malware warning
Does the version matter? Also im not saying theres a virus because i used Seose ages ago and nothing of mine has gone missing (I hope XD)
---
"Do not take life too seriously. You will never get out of it alive."
12 years, 36 weeks ago
|
Sordie
Joined: 3rd Apr 2009
Posts: 2044
Re: Seose 0.1.7b malware warning
Standard posted: (26th Apr 2012, 08:37 pm)
You scanned
File name: seose-bin.0.2.7b.zip
Sausage said: Seose 0.1.7b malware warning
Does the version matter? Also im not saying theres a virus because i used Seose ages ago and nothing of mine has gone missing (I hope XD)
ha! Lol good point. I guess I'm dumb.. Scanning now XD
Holy crap. Eeek!. Nobody use this until I've investigated: https://www.virustotal.com/file/8c9d2598ff5e99ef1d890d5f357c970b0ca79817e9ce59dead6e629779dabe0b/analysis/1335472835/
(this is the archive from my own computer, not a download from sordie.co.uk so it's the original)
EDIT: THREAT IS REAL!
If anyone still has Seose 0.1.7b on their computers, delete it. The executable within the released .zip file looks nothing like original compile of that version and therefore should not be trusted in any way.
CRC-32's
Original: E79A44B2
Infected: 29E3928B
I truly am sorry about this guys. I hope nobody has ever had any problem due to this but in all the time it has been in the public domain I have never heard anything so fingers crossed. Anyone worried about a compromise to their system should assure they have an up to date virus checker such as
thefree Microsoft Security Essentials installed and enabled.
* bends over ready for a community spanking* =S
EDIT: Posted this to sordie.co.uk front page via twitter, if you run/help/post on another eo community site then please post a link to this thread ASAP.
---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago
|
Re: Seose 0.1.7b malware warning
Hmm, how'd that get there? XD
---
Andrewbob - I would be on the fucking copter of rofls
Programmer, Web Developer, and Graphics Designer
12 years, 36 weeks ago
|
Queen
Joined: 20th Dec 2009
Posts: 1036
Re: Seose 0.1.7b malware warning
12 years, 36 weeks ago
|
vysen
Joined: 29th Mar 2009
Posts: 117
Re: Seose 0.1.7b malware warning
I'm not sure whats more baffling, the fact that a "Compromise" occured, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless? I guess
maybe I could understand it if the older version didnt have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD
12 years, 36 weeks ago
|
Cirras
Joined: 11th Mar 2011
Posts: 1221
Re: Seose 0.1.7b malware warning
vysen posted: (27th Apr 2012, 01:06 am)
I'm not sure whats more baffling, the fact that a "Compromise" occured, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless? I
guessmaybe I could understand it if the older version didnt have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD
What baffles me is that Sordie still hosts software for download that she's trying to kill. o_O
---
Want to learn to pixel?
Pixelsource.org
12 years, 36 weeks ago
|
Nerrevar
Joined: 14th Mar 2009
Posts: 780
Re: Seose 0.1.7b malware warning
Cirras posted: (27th Apr 2012, 05:38 pm)
vysen posted: (27th Apr 2012, 01:06 am)
I'm not sure whats more baffling, the fact that a "Compromise" occured, the fact it was done on an older version of SEOSE, or the fact that if it was a real compromise done by an unknown assailant that they'd do so to not only SEOSE, a dead project, but a dead version of it nonetheless?
Iguessmaybe I could understand it if the older version didnt have the backdoor, and then what baffles me more is what is it they were trying to accomplish if it wasn't sordie herself trying to kill her own project? xD
What baffles me is that Sordie still hosts software for download that she's trying to kill. o_O
You make an extremely valid point :L
12 years, 36 weeks ago
|
Sordie
Joined: 3rd Apr 2009
Posts: 2044
Re: Seose 0.1.7b malware warning
Good points. Easily answered.
1) Nobody has recently modified old versions, this compromise is in the original release of 0.1.7b. Just it's never been found (or ever been a problem) until now.
2) I don't host, run, update or even own sordie.co.uk anymore. Sausage does. I can post on the front page because it just gets the content from one of my twitter accounts.
3) Um no three.. Just seems like I needed one =P
EDIT: Wild, all I can think of is back when Scott hosted sordie.co.uk. It was once compromised by bankhead and both the website, my computer and my hotmail accounts where compromised. Kinda glad Sausage hosted it for me as it was much more secure that what I ever got from Scott (although we all
kinda still miss him)
I remember it well because he tried to blackmail me for my hotmail account and it all kinda went wrong for him from there XD.
---
http://sordie.co.uk
http://twitter.com/@SordieEO
12 years, 36 weeks ago
| | | | | | | | | | | | | | | |
