
Building an infected VM for education and training.


1 reply to this topic

#1 vicronis


Posted 05 March 2016 - 10:48 PM

Hi Everyone,

 

I'm not sure this is the right place for this thread but I've got myself an issue that I hope someone here could guide me to the right place(s). I'd like to infect a virtual machine with DNS Unlocker and some other newer infections that are currently going around for the past year or so that I've seen in the forums here. I've already created a virtual machine and started getting it infected but the primary one I want to get for the moment is DNS Unlocker and I can't seem to find either an installer directly for it or any information for anything that installs it in the background.

 

The reason I want to do this is because at my shop we have seen an increased amount of these infections in the last week and in some of those cases the younger inexperienced technicians have resorted to doing OS wipe and reloads rather than fixing the actual issue. This is a behavior I want to stop or at least limit when possible and train them all properly for cleaning these infections going forward.

 

If anyone could point out any programs they installed that had DNS Unlocker or any other stubborn infections it would be greatly appreciated.

 

Thank you in advance for any help




 


#2 quietman7


Posted 06 March 2016 - 07:05 AM

One of the primary goals of Bleeping Computer is to assist victims of malware infection with removal and to prevent the spread of malicious programs, not encourage them. Therefore, we will not provide links to malware samples or malicious sites where infections have been contracted and spread. Others reading this topic may use the information for nefarious purposes or an unwitting novice user may accidentally click a link and end up infecting their own computer.
 

Bleeping Computer's main mission is to help people rid their computers of malware not infect them. For legal and liability purposes we do not endorse or permit the sharing of malware samples via the forums. There are plenty of 'in the wild' samples available by using unsafe browsing tactics.

The main goal of BleepingComputer is to help users resolve various computer problems, not to distribute malware samples for whatever purpose. Requesting and/or providing links to live malware or live malware samples does not fall under that objective and is for that reason not something we allow or encourage.

Warez and crack sites are a good source and should only be used from a virtual machine. That's the best information and most specific information we can provide.


For those and other obvious reasons, we are not going to provide more specific information in a public forum. There are a number of sites specialized in malware samples where questions like yours can be asked. You can perform a simple Google search to find them or even search on "how to infect my computer on purpose" which will provide information such as these articles. You can also read this topic which explains the most common ways malware is contracted and identifies the types of sites where you can easily get infected by not following the advice provided to protect yourself.

While I understand you may have good reasons to look for specific malware samples, Bleeping Computer is not the place to ask for assistance on how to obtain them.
 

Before anything a general warning, never try to test/try out malware samples if you don't know what you're doing! The risk of inadvertently infecting another computer or a host computer is always present...testing malware samples with different security products is not very productive in my opinion. You would indeed need a site that is actively dropping the infection (which is hard to find, they are usually cleaned/taken off-line as soon as the malicious behavior is observed and reported). Downloading and dropping specific files isn't the same and doesn't give a good representation of how a "real" infection enters a system.


If your intention is to infect a Virtual Machine (VM) for the purposes of testing, be aware that not all malware will work in that environment by intention. Malware writers have been able to create malicious files which can detect if it is running in a VM. When detected as such, the malware is able to change its behavior by not running any malicious code which can infect the operating system. This is a deliberate technique to make analysis/detection more difficult for security researchers who use VMs to study infections in order to understand the attack methodology used and develop disinfection solutions. So just because you test a program in a VM and it does not behave maliciously...that does not necessarily mean it is not malicious.

The BC Staff
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
