Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: softnyx install rootkits

from [p4ssion] Network Security [Permanent Link]
Subject: RE: softnyx install rootkits
Date: Mon, 11 Sep 2006 10:41:29 +0900 
Hi.

It's not a rootkits.
Gameguard protect against binary debugging and game abusing ,so they are
detected at suspicious rootkit 
Antivirus software always inspect file header and contents. They will
determine rootkit or backdoor, if they're not completing inspection process
to the file or directory.

Regards. P4ssion

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of sto.cesso.di@email.it
Sent: Saturday, September 09, 2006 12:06 AM
To: incidents@securityfocus.com
Subject: softnyx install rootkits

latest update regarding Rakion game (mad by Softnyx)

included a malicious .dll 

entitiesMP.dll


Thanks to virustotal.com i found this:

-

AntiVir 7.1.1.14 09.07.2006 TR/RKit.Delf.B.6

AVG 386 09.07.2006 BackDoor.Generic3.KYW

Fortinet 2.77.0.0 09.07.2006 W32/Delf.B!tr.rkit

F-Prot4 4.2.1.29 09.07.2006 W32/Backdoor.gen

Kaspersky 4.0.2.24 09.07.2006 Rootkit.Win32.Delf.b

Panda 9.0.0.4 09.07.2006 Suspicious file 

-

this dll hides two process from the tasklist:

rakion.bin

gameguard.des


and whoknows what else it does...


is this a good way to avoid trainers or game hacks?


Softnyx company keeps answer their customers it is a BUG of our antivirus
program and suggest us to unistall the AV!


We need someone authoritative force them to use this unethical tools!

Please join us


I think...first..is ethical to hide processes running on a computer to his
owner ?


If softnyx can...than everyone else can!


and in second time.. is it ethical to deploy this kind of update without
warning the users?...or better...suggesting users to remove their own
antivirus softwares??


wait for your opinions

----------------------------------------------------------------------------
--
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las
Vegas. 
World renowned security experts reveal tomorrow's threats today. Free of 
vendor pitches, the Briefings are designed to be pragmatic regardless of
your 
security environment. Featuring 36 hands-on training courses and 10
conference 
tracks, networking opportunities with over 2,500 delegates from 40+
nations. 

http://www.blackhat.com
----------------------------------------------------------------------------
--


------------------------------------------------------------------------------
This List Sponsored by: Black Hat

Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. 
World renowned security experts reveal tomorrow's threats today. Free of 
vendor pitches, the Briefings are designed to be pragmatic regardless of your 
security environment. Featuring 36 hands-on training courses and 10 conference 
tracks, networking opportunities with over 2,500 delegates from 40+ nations. 

http://www.blackhat.com
------------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: spoolss overflow attempt: unknow threat or false alert ?, Sûnnet Beskerming
Next by Date:  Re: spoolss overflow attempt: unknow threat or false alert ?, Jonathan Nichols
Previous by Thread:  softnyx install rootkits, sto . cesso . di
Next by Thread:  Re: RE: softnyx install rootkits, evilrabbi
Indexes:  [Date] [Thread] [Top] [All Lists]