Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

File Sharing Alert


  • Please log in to reply
7 replies to this topic

#1 auto1571

auto1571

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:32 AM

Posted 18 April 2014 - 06:38 PM

Note: The first thing I am about to describe is to alert members who are unaware; it's not something I have only just discovered. Please read on.

 

 

In addition to P2P Programs

It's not just P2P programs that consist of malicious files but there also exists a lot of file sharing websites where you can download files directly to your computer. Old news to some of you no doubt but nonetheless, these websites also consist of the same kind and same amount of malware as what the P2P programs do. I advise that you stay clear of these too. If you do want to download a file however then I suggest you upload it to a malware scanning site like Virus Total before opening.

 

Alert: What I have recently discovered

 

What I am about to describe is something that I have recently descovered and that I feel a great many Internet users could do with being aware of. So without further ado please read on.

There is currently a Kindle author on Amazon who has wrote a lot of kindle books in the advice and how to genre. He has wrote books on marketing, computer/internet forensics and anonymity. He also claims to be a Private Cyber forensics investigator and a leading Internet marketing entrepreneur.  In his books what he claims to be is written in the third person. However within his kindle books, especially the marketing ones he encourages user's to download free stuff from file sharing sites. He will also give you some free stuff to download in one or more of his books. He has a website that consists of a whole library of free stuff to download which is linked with the file sharing site FileFactory. And a lot of those files are indeed infected as Virus Total and Anubis was able to confirm.

What's more I did a Google search on this author and then came across a blog with a lot of people stating that this guy is a convicted felon and currently going by a different name. According to the blog he was previously charged with money laundering, tax evasion and countless federal security violations. The blog also states that this guy is responsible for more than a dozen scams that he has since managed to execute after being released from prison.

Furthermore I originally thought this author was legitimate after reading several of his books on aspects of digital forensics and stuff which were the first ones I had ever bought from him. I had also spoken with him a few time on Skype and many times via email and he seemed like a pretty friendly guy. I also thought he was legit base on the fact that he was selling on Amazon. The other factor that made me thing he was legit was a couple of YouTube video's, one where demonstrates digital forensics stuff. However after learning about PLR (Private Label Rights) stuff and other things I learned that it is relatively easy to write and publish kindle books on Amazon even if your not qualified on the subject. Anyway it was after I had bought his later books on marketing that I discovered all of the aforementioned.

I also did a background search on both the convicted felon that the blog mentioned and the author - Both ZIP codes matched, not only the their current locations but previous ones too - this has to mean that they are the same person.

So based on all of the above I feel we can say this is evidence indicative that this person has created a fake profile for himself, a semi-skilled social engineer and most likely makes all of his money from scamming people.

Lets face it - What Digital Forensics Expert is going to encourage their readers to download stuff from file sharing sites?!! I must also admit that quite annoyingly at one point I was in denial. I thought okay, perhaps this guy was once fraudulent and has now decided to go straight but that does not seem to be the case.

So I will now conclude by saying be careful with file sharing sites and watch out for these authors. Also do not be fooled because they might display them-selves temporarily on YouTube or anything; Make sure you search for evidence that proves beyond doubt that someone is who they say they are. They could very well be a Social Engineer!



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:32 AM

Posted 18 April 2014 - 07:20 PM

Yes...using any torrent, file sharing, peer-to-peer (P2P) program (i.e. Limewire, eMule, Kontiki, BitTorrent, BitComet, uTorrent, BitLord, BearShare, Azureus/Vuze, Skype, etc) or visiting such sites is a security risk which can make your system susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some cases the computer could be turned into a malware honeypot or zombie.

File sharing networks are thoroughly infested with malware according to security firm Norman ASA and many of them are unsafe to visit or use. The reason for this is that file sharing relies on its members giving and gaining unfettered access to computers across the P2P network. This practice can make you vulnerable to data and identity theft, system infection and remote access exploit by attackers who can take control of your computer without your knowledge.

...It is almost never safe to download executable programs from peer-to-peer file sharing networks because they are a major source of malware infections.

Software Cracks: A Great Way to Infect Your PC

Even if you change the risky default settings to a safer configuration, downloading files from an anonymous source increases your exposure to infection because the files you are downloading may actually contain a disguised threat. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. Many malicious worms and Trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.

Further some file sharing programs are bundled with other free software you may download (sometimes without the knowledge or consent of the user) and can be the source of various issues and problems to include Adware, and browser hijackers as well as malware.

Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The best way to eliminate these risks is to avoid using P2P applications and torrent web sites.Using P2P programs, file sharing or browsing torrent sites is almost a guaranteed way to get yourself infected!!
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 auto1571

auto1571
  • Topic Starter

  • Members
  • 327 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:32 AM

Posted 18 April 2014 - 08:45 PM

Thanks for the links Quietman7. I am currently learning malware removal and also have a keen interest in computer security and so these should come in handy.

 

Anyway it is quite annoying though that this author has wrote a lot of kindle books on computer security and so has gained the trust of many people and thus enticing them to download stuff that is infected, especially within his marketing kindle books. What's more annoying is that for a whole year I personally thought this person was legitimate.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:32 AM

Posted 18 April 2014 - 08:50 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,570 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:32 AM

Posted 18 April 2014 - 09:11 PM

 

there also exists a lot of file sharing websites where you can download files directly to your computer

Yes I know a few of those sites where you can download almost any software and its " free" because they provide you with a key, Crack, Patch or key gen. Those sites promote software piracy, And theft. The patches cracks and keygens are all dirty and members should stay away from them, Just logging into some of those sites is risky.

 

On a personal note.

 

If I was to download say XXXX internet security with a crack or patch to make it work, How can I ever trust that product,.

 

Is it just me or is the idea of a cracked security suite not right, Fishy.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:32 AM

Posted 18 April 2014 - 09:29 PM

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity but it is a serious security risk much worse than P2P and file sharing sites.

...pirated software and cracks — programs designed to generate product keys or serial numbers for popular software and games — are almost always bundled with some kind of malware...downloading pirated software and software cracks is among the fastest and likeliest ways to infect your computer with something that ultimately hands control over of your PC to someone else.

Software Cracks: A Great Way to Infect Your PC

Recent research shows that websites and programs related to software piracy are likely to be infected with malware due to the way they are distributed...over 50% of all pirated files are infected with malware that are constantly repacked to evade even the most up-to-date anti-virus programs. Software piracy acts as a gateway for cybercriminals to infect computers, leaving individuals and their personal data vulnerable to malware infection.

File Sharing, Piracy, and Malware

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

TrendMicro Warning

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...a staggering 59% of the key generators and crack tools downloaded from P2P networks represent a security liability since they contain malicious and unwanted code. "25% of the Web sites we accessed offering counterfeit product keys, pirated software, key generators or crack tools attempted to install either malicious software or potentially unwanted software. A significant number of these Web sites attempted to install malicious or unwanted code...In addition to the peer-to-peer networks, 11% of the key generators and crack tools downloaded from Web sites were also plagued by malicious and unwanted software.

Microsoft Reveals the Risks of Using Pirated XP and Office

Some of the most aggressive types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,570 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:32 AM

Posted 18 April 2014 - 09:39 PM

Thanks quietman I knew you had all that info on hand. In future when I see these types of posts I will refer members to this thread.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:32 AM

Posted 18 April 2014 - 09:48 PM

You can also refer them to this topic:
File Sharing (P2P), Keygens, Cracks, Keygens, Cracks, Warez, and Pirated Software are a Security Risk
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users