Log in
Register
Menu
Log in
Register
Home
What's new
Latest activity
Authors
Forums
New posts
Search forums
What's new
New posts
Latest activity
Members
Current visitors
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Computer Discussion
Trojan serves mature content off home PCs,
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="net1" data-source="post: 23973"><p>A new Trojan is turning Windows PCs into mature content and spam relays, possibly as a means of harvesting credit card details, researcher Richard M. Smith has discovered. </p><p></p><p>At first it was suspected that the Trojan installs a Web server on the victim's machine from which the mature content is served, but research by LURHQ indicates that it sets up a proxy which forwards the mature content and x-rated spam and so keeps the originating server hidden. </p><p></p><p>Machines hosting the Trojan are not harmed in any way, but spam recipients who check out the mature content on offer may become victims of fraud if they sign up for access using their credit cards. </p><p></p><p>The overall purpose appears to be establishing a semi-anonymous, distributed hosting scheme for malicious sites or for material that might invite retaliation from a Web host or the authorities, such as warez or kiddie mature content. </p><p></p><p>Only about two thousand home machines have been infected, but among them is a high proportion of AOL subscribers, implying that it may be spread via instant messaging. According to LURHQ it is easy to detect and defeat. </p><p></p><p>First, remove this registry key: </p><p></p><p>Software\Microsoft\Windows\CurrentVersion\Run\Login Service = wingate.exe </p><p></p><p>Then reboot the computer and remove this file: </p><p></p><p>%windir%\system32\wingate.exe. </p><p></p><p>The spam ads direct users to Russian mature content sites chiefly, sometimes using servers that were involved in a recent Paypal scam, Smith notes. ®</p></blockquote><p></p>
[QUOTE="net1, post: 23973"] A new Trojan is turning Windows PCs into mature content and spam relays, possibly as a means of harvesting credit card details, researcher Richard M. Smith has discovered. At first it was suspected that the Trojan installs a Web server on the victim's machine from which the mature content is served, but research by LURHQ indicates that it sets up a proxy which forwards the mature content and x-rated spam and so keeps the originating server hidden. Machines hosting the Trojan are not harmed in any way, but spam recipients who check out the mature content on offer may become victims of fraud if they sign up for access using their credit cards. The overall purpose appears to be establishing a semi-anonymous, distributed hosting scheme for malicious sites or for material that might invite retaliation from a Web host or the authorities, such as warez or kiddie mature content. Only about two thousand home machines have been infected, but among them is a high proportion of AOL subscribers, implying that it may be spread via instant messaging. According to LURHQ it is easy to detect and defeat. First, remove this registry key: Software\Microsoft\Windows\CurrentVersion\Run\Login Service = wingate.exe Then reboot the computer and remove this file: %windir%\system32\wingate.exe. The spam ads direct users to Russian mature content sites chiefly, sometimes using servers that were involved in a recent Paypal scam, Smith notes. ® [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Computer Discussion
Trojan serves mature content off home PCs,
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…
Top