#1
Quote:
__________________
A man's pride shall bring him low: but honour shall uphold the humble in spirit: Proverbs 29,23. "Only the wasteful virtues earn the sun": William Butler Yeats, April 27, 1916.
#2
Pretty clever!
The use of creating boobytrapped files to load or run malicious executables goes back quite a few years. While today's exploits rely mostly on social engineering tactics, at least 8 years ago, cybercriminals were using different file types in remote code execution exploits. Here are a few from that period: http://urs2.net/rsj/computing/tests/files_exec
---- rich
#3
Actually the use of .HLP for malware etc purposes dates back quite a number of years. I don't have specifics to hand, but due to my hearing about such a vector, I've selected ProcessGuard to block/prompt me each & every time
If I DENY it, then I get this
Personally I don't expect to be infected in such a way but it pays to be cautious. Plus after a disguised .HLP was allowed to run, it would need to also run the other files, such as .EXE/SYS/DLL etc. PG & other protection would automatically also block/prompt me each & every time, to those too.
People with similar software/solutions can/could do the same.
__________________
. Malware = You don't scare me A different perspective https://rt.com - https://rt.com/on-air
#4
Quote:
http://blog.trendmicro.com/calling-w...-vulnerability
http://www.virusbtn.com/news/2011/09_14.xml
Quote:
With PG set up the way you show, can you run a legitimate Help file on your system?
---- rich
#5
Quote:
Good examples
Quote:
Yes, by clicking ALLOW. But whenever I Allow something that's normally Prompted, I do NOT also tick Always perform this action as that would make the action from then on allowed on All such files, unless I reconfigured the permissions back again. As it only takes a few seconds to Allow or Deny, it's no big deal for me, & unless I'm installing or running something new etc, I don't get prompted all the time. I'm sure you are in a similar situation with DeepFreeze.
__________________
. Malware = You don't scare me A different perspective https://rt.com - https://rt.com/on-air
#6
Quote:
I don't want to think again. Sensational shock info from a company selling security for money. Boring.
Mrk
__________________
http://www.dedoimedo.com All your base are belong to us Linux Systems Expert / Systems Programmer, Linux System Administrator, LPIC-1, LPIC-2 (WIP), GSEC, CCHD, CCHA
#7
After PDFs and Images, Help files...
What's next?
#8
Just a FYI. Windows Help format is not supported in Vista and later. You have to manually obtain the Windows Help program (WinHlp32.exe) if you want it.
-http://support.microsoft.com/kb/917607-
__________________
Uncertainty is the only certainty there is, and knowing how to live with insecurity is the only security...