65MB Malware install - .net framework missing? not for long!

Yep, the bar is raised for the biggest malware install out there yet again. Words fail me with this one - dont have the .net framework on your PC to utilise the adware makers technology? No problem, they'll download it for you - without you knowing.

Problem is, it's sixtyfive megabytes in size...

Do yourself a favour and block anything from iowrestling.com, and broadcastpc.tv.

Full story here.

 

Thanx for the heads up Paperghost

 

Let me get this right. This malware will download 65MB without you knowing? I find it very hard to believe that many people would not notice it, especially those still on a 56k Connection.

Jimbob

 

Yep - been confimed by myself, Eric Howes and Ben Edelman. I'm sure Ben will post one of his videos on his site if he covers it (which im sure he will!)

Not really an issue for dial up - more of a problem for DSL etc. There is absolutely no warning that anything is downloading except for a bit of PC chugging whilst it dls the file. Quite unbelievable.

 

I alread have microsoft .net framework installed on my pc, through windows update. Do u mean, it's useless, and should be removed?

 

No, don't remove the .NET framework if you actually use it - the big problem is that

1) 65MB+ of your HD space is being used up without your permission to download .NET (if you don't have and / or need it)

and

2) An entire application framework is being installed without your permission to run programs you'd rather not have onboard. The sheer cheek of it is staggering, to say the least.

edited - correction made due to half asleep typing action!

 

Hi,

Not to split hairs with this article but Microsoft's .NET Framework 1.1 is only 23MB for downloading. It may take up 65MB when installed but it's not that large to download.

http://www.microsoft.com/downloads/...E3-F589-4842-8157-034D1E7CF3A3&displaylang=en

Bill

 

Agreed, and if you use certain types of thinstaller, the size is reduced to as little as under 5MB once installed - the main thrust isn't the size of it whilst downloading...the size of the .NET framework to download can vary drastically depending on whether or not you get a custom-built package etc - and dont forget the service packs, of which SP1 is around 10 extra MB in size. And to someone on a capped service, 23MB IS a massive chunk of bandwidth gone. The main point is that regardless of the actual amount of bw used up (which will vary), theres a VERY large chunk of your machine being hogged to run this adware. Im actually understating the amount of HD space used up as the .NET package can total over 100MB as opposed to the 40 to 60 it usually weighs in at. However, I've tweaked the article along with the latest update addition to make it clearer that I'm mainly banging on about the size of the file once installed

The post a few above this one said "65mb bandwith hosed" because by that point i'd been awake for nearly 18 hours straight and was feeling the burn somewhat after talking about this on too many sites to mention I've also edited that accordingly.

(though to be fair, the article is called 65MB malware install, rather than download!)

 

Will such a download be picked up by commonly used security tools such as our firewalls?

Jimbob

 

Well, the network traffic (http etc) would show up in your logs, and even better if you have some sort of IDS such as Snort....though the .NET framework will still eventually just "appear" on your HD if you got nailed. The only way to know for sure would be to constantly have your connections up in front of you.

For info, IE-Spyad blocks the domains mentioned above.