Be careful before you use a cracked OS...

HannibalX

Diamond Member
May 12, 2000
9,359
2
0
Guy at work brought me his notebook to take a look at. I very, very rarely look at people's personal hardware anymore but he's a friend. He had done a "clean" install last night with a copy of Windows 7 he found on a torrent site. Moral/ethical issues aside, I told him I would take a look. He wasn't sure what was wrong but the machine felt slow and buggy.

We have a separate VLAN at work we use for hardware testing and hardware we think might be compromised. I plugged the notebook into the network and booted it but didn't touch anything else, then let ePO take a look "under the hood". Three separate keyloggers were running and sending info out. I did a traceroute on one of the addresses - it went to Iran. :awe: There were two bots running, probably gathering data, not sure what. They were trying (and failing) to talk to IPs which I think are (or were) in Yemen.

Also, there were DNS redirects for major sites like PayPal, eBay, and various banks (we tried his bank, BOA, and it redirected as well). They looked remarkably like their official counterparts; I doubt most people would have noticed.

Long story short, you should be very careful when using a "cracked" or "jacked" OS you find floating around the net. Better yet, don't use them. I'm not saying they are all compromised but certainly some of them are.
 

Eli

Super Moderator | Elite Member
Oct 9, 1999
50,419
8
81
Wow, scary. And smart on the part of the phishers.
 

OutHouse

Lifer
Jun 5, 2000
36,410
616
126
And what did he say/do when you showed him this?

By ePO you mean McAfee, right?
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
Or just verify the checksums of the image file with those published by Microsoft.
 

frostedflakes

Diamond Member
Mar 1, 2005
7,925
1
81
Main reason I stay away from pirated software in general. It'd be so easy for someone to add some nefarious code if they wanted to.

edit: That works Crusty, until you need to download an activation hack or patch that does god knows what to the clean install.
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
> Main reason I stay away from pirated software in general. It'd be so easy for someone to add some nefarious code if they wanted to.
>
> edit: That works Crusty, until you need to download an activation hack or patch that does god knows what to the clean install.

There are legitimate uses for downloading it as a torrent, such as losing your media.
 

HannibalX

Diamond Member
May 12, 2000
9,359
2
0
> There are legitimate uses for downloading it as a torrent, such as losing your media.

Legitimate ISOs which haven't been cracked or otherwise fooled/tampered with aren't in question.

Like frosted said though, even with a clean ISO who knows what the third party crack/activator is doing.

Your average user doesn't have the knowledge to know what's safe, what isn't, what should be there, what shouldn't.
 

Raduque

Lifer
Aug 22, 2004
13,140
138
106
> Legitimate ISOs which haven't been cracked or otherwise fooled/tampered with aren't in question.
>
> Like frosted said though, even with a clean ISO who knows what the third party crack/activator is doing.
>
> Your average user doesn't have the knowledge to know what's safe, what isn't, what should be there, what shouldn't.

You can get these ISOs directly from Microsoft - there's no need to go to illicit third parties.

Edit: Average idiot users who don't know shouldn't be dealing with things like this, but if they are, they deserve what they get for not educating themselves first.
 

frostedflakes

Diamond Member
Mar 1, 2005
7,925
1
81
> There are legitimate uses for downloading it as a torrent, such as losing your media.

True enough, I didn't think about that. Not an issue if you can verify the MD5 of the ISO, then use your key or whatever for activation.
 

CraigRT

Lifer
Jun 16, 2000
31,440
5
0
I'm always wary of this type of stuff now... I bought my own copy of Win7 X64.

Back in the Win98 days.. Pirating was just a matter of using someone else's CD key and everything still worked. Lame.
 

HannibalX

Diamond Member
May 12, 2000
9,359
2
0
> And what did he say/do when you showed him this?
>
> By ePO you mean McAfee, right?

I encouraged him to buy a legit copy and told him that I wouldn't do any more work on the machine in its current state. He said he was going to buy a copy today.
 

Genx87

Lifer
Apr 8, 2002
41,091
513
126
No surprise at all. I haven't downloaded an MP3 in 7 years either because every one comes with a nice trojan. Cheaper and easier to legally buy the stuff.
 

JulesMaximus

No Lifer
Jul 3, 2003
74,584
985
126
what's ePo?? never heard of it.

ePolicy Orchestrator - McAfee ePolicy Orchestrator® 4.5 is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance solutions. With end-to-end visibility and powerful automations that slash incident response times, ePolicy Orchestrator dramatically strengthens protection and drives down the cost of managing security.
 

frostedflakes

Diamond Member
Mar 1, 2005
7,925
1
81
MP3s don't contain executable code.

Now if you download a "song" and it's an .exe and you run it, well... you probably deserve what you get, heh. :awe:

edit: Jules, who's that in your avatar? It isn't Stern is it?
 

preslove

Lifer
Sep 10, 2003
16,754
64
91
I got in on the $35 education Windows 7 deal. Last time I checked it was now up to ~$65. Using a cracked OS is very, very stupid.
 

fstime

Diamond Member
Jan 18, 2004
4,382
5
81
> No surprise at all. I haven't downloaded an MP3 in 7 years either because every one comes with a nice trojan. Cheaper and easier to legally buy the stuff.

lol

Like the guy said above, you probably deserve it if you download anything other than a .mp3 and expect it to be a song.
 

OutHouse

Lifer
Jun 5, 2000
36,410
616
126
> ePolicy Orchestrator - McAfee ePolicy Orchestrator® 4.5 is the only enterprise-class, open platform to centrally manage security for systems, networks, data, and compliance solutions. With end-to-end visibility and powerful automations that slash incident response times, ePolicy Orchestrator dramatically strengthens protection and drives down the cost of managing security.

Did you copy and paste that from McAfee?

We used to use ePO but it got to be a complete pain in the ass. I had to go to the McAfee site every day to manually download the DATs and plug them into Orchestrator. That was about 6 years ago. We switched to Trend-Micro and have never looked back. Trend rocks.
 

QueBert

Lifer
Jan 6, 2002
22,983
1,179
126
> I got in on the $35 education Windows 7 deal. Last time I checked it was now up to ~$65. Using a cracked OS is very, very stupid.

On the flip side, a clean install of a legit copy of an OS can result in exactly what OP's friend encountered in no time. I fix PCs for a living; I'd say most have legit copies of XP/Vista/Win 7. Yet they still have backdoors and spyware out the anus. Using a cracked OS is stupid because it's illegal, but beyond that it will be 100% safe if you go through the proper methods to check it. MD5 comes to mind; if the MD5 matches up, a person has nothing to worry about.
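
The checksum check that Crusty, frostedflakes and QueBert describe, as an added example that is not part of any post in the thread: it streams the image through the hash and compares the result with a manifest line in `md5sum`/`sha256sum` format. The file name, manifest text and sample data are constructed, and the reference digest is assumed to come from the publisher rather than from the page the image was downloaded from.

```python
import hashlib
import hmac
import os
import pathlib
import tempfile

# Hex digest length -> algorithm (MD5 is what the thread mentions; prefer SHA-256 if published).
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

def parse_manifest(text):
    """Parse 'HEXDIGEST  filename' lines into {filename: lowercase digest}."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"malformed manifest line: {raw!r}")
        digest, name = parts[0].lower(), parts[1].lstrip("*")  # '*' = binary mode
        if len(digest) not in ALGO_BY_HEX_LEN or set(digest) - set("0123456789abcdef"):
            raise ValueError(f"not a supported hex digest: {parts[0]!r}")
        entries[name] = digest
    return entries

def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so a multi-gigabyte ISO never sits in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_image(path, manifest_text):
    """Return 'match', 'mismatch', or 'unlisted' (no reference value: do not trust)."""
    expected = parse_manifest(manifest_text).get(os.path.basename(path))
    if expected is None:
        return "unlisted"
    actual = file_digest(path, ALGO_BY_HEX_LEN[len(expected)])
    return "match" if hmac.compare_digest(actual, expected) else "mismatch"

def demo():  # constructed stand-in file, checked before and after tampering
    with tempfile.TemporaryDirectory() as d:
        path = pathlib.Path(d, "sample.iso")
        path.write_bytes(b"constructed stand-in for an ISO image\n" * 1000)
        manifest = f"{file_digest(path, 'sha256')}  sample.iso\n"
        before = verify_image(path, manifest)
        path.write_bytes(path.read_bytes() + b"\x00")  # one appended byte
        return before, verify_image(path, manifest), verify_image(path, "# empty\n")
```

A match covers only the image file; as frostedflakes and HannibalX point out in the thread, it says nothing about an activator or patch run afterwards.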