CPE: McAfee AudioParasitic: Episode 36: malware distributed via P2P
length: 00:23:02
Malware distributed via P2P: typically a file with an .mp3 or .mpeg extension that is actually an ASF file; when run, it forces Windows Media Player to navigate to a URL, and that URL is an executable.
A high percentage of LimeWire search results are these rogue media files.
Some give you the impression that you need a codec and show you where to download it; the "codec" is an executable which, when run, gives an error message while in the background it downloads more trojans and malware, mainly adware and spyware.
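A check for the extension/content mismatch described above, as an added example that is not from the podcast or from McAfee. It looks for an ASF header inside a file named .mp3/.mpg/.mpeg and for an ASF script command object carrying a URL; the function names, finding labels and sample bytes are constructed for illustration.

```python
import struct

# GUID that opens every ASF container (WMA/WMV/ASF), as stored on disk
ASF_HEADER_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")
# GUID of the ASF Script Command Object, which can carry URL commands
ASF_SCRIPT_GUID = bytes.fromhex("301afb1e620bd011a39b00a0c90348f6")
# Extensions that should never contain an ASF container
NON_ASF_EXTS = (".mp3", ".mpg", ".mpeg")

def inspect_media(name, data):
    """Return a list of findings for one file (name plus its raw bytes)."""
    findings = []
    if not data.startswith(ASF_HEADER_GUID) or len(data) < 30:
        return findings  # not ASF, or too short to parse
    if name.lower().endswith(NON_ASF_EXTS):
        findings.append("extension-mismatch")
    # Header Object: GUID(16) size(8) object count(4) reserved(2), then children
    hdr_size, count = struct.unpack_from("<QI", data, 16)
    pos, end = 30, min(hdr_size, len(data))
    for _ in range(count):
        if pos + 24 > end:
            break  # truncated child object
        guid = data[pos:pos + 16]
        (size,) = struct.unpack_from("<Q", data, pos + 16)
        if size < 24:
            break  # malformed size, stop rather than loop forever
        if guid == ASF_SCRIPT_GUID:
            findings.append("script-command-object")
            body = data[pos + 24:pos + size]
            # ASF strings are UTF-16LE
            if any(s.encode("utf-16-le") in body for s in ("http://", "https://")):
                findings.append("url-in-script-command")
        pos += size
    return findings

def build_sample():
    """Constructed ASF header with one script command object (simplified body)."""
    body = b"\x00" * 20 + "http://example.invalid/codec".encode("utf-16-le")
    script = ASF_SCRIPT_GUID + struct.pack("<Q", 24 + len(body)) + body
    size = 30 + len(script)
    return ASF_HEADER_GUID + struct.pack("<QIH", size, 1, 0x0201) + script

if __name__ == "__main__":
    print(inspect_media("song.mp3", build_sample()))
```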
Nuwar: never shows up in the top 10.
In some respects, this is kind of an old-school adware company.
Previously many big players kind of closed up shop after the Federal Trade Commission went ahead with a lawsuit against them.
Race to Zero, a contest that will be held at Def Con: people are given some samples and have to get them to pass through all scanners.
Static AV testing has its limit.
Encouraging people to write AV evasion is bad.
The fact that they won't share the sample/code: we can't check whether the attack really works, whether we are aware of the method, whether their testbed is correct – they do whatever they will