American Express *Corporate* Platinum card?

Status
Not open for further replies.
Re: This is great for people who have two credit cards!!!

GERKON said:
:!: This is great for people who have two credit cards!!! Look at what you make from others work!!!

the wordings of this post sure does sound like a spam or an email invite to a trojan etc
 
Last edited by a moderator:
After doing a google for *******, I only became even more suspicious about what it is.
 
Last edited by a moderator:
oz_mark said:
After doing a google for ********, I only became even more suspicious about what it is.

Ok. I spent some time analysing the crudware that the program is.

I re-iterate my warning - DO NOT DOWNLOAD, RUN OR ATTEMPT TO DOWNLOAD THAT FILE.

The file looks beneign enough from the outside. When run, it installs a program called "Credit Card Verifier" and launches the program. The program is used to verify credit card numbers against the checkdigits on the cards.

However, in the background it also drops and runs a file called "Kav_6.0.exe". This file unpacks itself and runs another file called "Kav_Update.exe" (Note that Kav is a respected Anti-Virus firm and the icons and names are meant to avoid suspicion by using their name as part of this malware - Kav have nothing to do with this)

That file drops another few files onto the machine (services.exe, sservices.exe and fservices.exe - Not to be confused with legitimate files of the same name ) which are identified as a backdoor trojan (malicious file that allows others to connect to your machine and perform operations/capture keystrokes/data etc.)

Other files are also dropped as part of this routine.

So in other words, as predicted above the file is a nasty piece of work. A subtle warning to everyone about the dangers of downloading files where you can't verify the origin.

(Oh, and I used what is known as a "goat" p.c for my work - do not try this at home unless you really know what you are doing!)
 
Last edited by a moderator:
I have deleted all references to that file. Thanks to all those for bringing thid to our attention.

I guess this incident illustrates how careful you need to be when downloading files - especially .exe files - from unknown sources.

Please be careful!
 
admin said:
I have deleted all references to that file. Thanks to all those for bringing thid to our attention.

I guess this incident illustrates how careful you need to be when downloading files - especially .exe files - from unknown sources.

Please be careful!

Aah, the joys of owning a Mac. Can't run most software, but at least that applies to malware as well :-)

On a more serious note, I regard the use of *outgoing* packet sniffers to be essential these days. I'm not so fussed about unauthorised conections coming in, but I really want to make sure I know what data is going out.

mt
 
admin said:
I have deleted all references to that file. Thanks to all those for bringing thid to our attention.

I guess this incident illustrates how careful you need to be when downloading files - especially .exe files - from unknown sources.

Please be careful!

Maybe edit this post as well as the original link is quoted in that post potentially?

Its amazing as soon as I see anything saying "click this link" I immediately think - "well I know what I am NOT clicking" - big call from Mal to let the malware (Mal- malware connection?) have a little play so he could work out exactly how mean it was...
 
simongr said:
Maybe edit this post as well as the original link is quoted in that post potentially?

Its amazing as soon as I see anything saying "click this link" I immediately think - "well I know what I am NOT clicking" - big call from Mal to let the malware (Mal- malware connection?) have a little play so he could work out exactly how mean it was...

Nah it's not a valid link. I X'd it out when I quoted the post. Nothing to worry about.

Playing with malware is dangerous and something that should not be done unless you know what you are doing. I happen to deal with malware all the time so know enough about the precautions I need to take etc... Oh, and yes, I get the "Mal"ware joke quite a bit :)
 
Status
Not open for further replies.

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.
Back
Top