Kazaa users brace for mass hijack

Discussion in 'other security issues & news' started by Jooske, May 1, 2002.

Thread Status:
Not open for further replies.
  1. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Announced is Kazaa mass hijack within the next 4-5 weeks
    http://www.theage.com.au/articles/2002/04/26/1019441306209.html
    Snipped from this:  
    ""Hidden inside KaZaA, however, is Altnet - Trojan software that aims to harness the spare processing, storage and communications power of the millions of computers connected to KaZaA's FastTrack network, a concept known as "distributed computing".

    The Altnet software was created by Brilliant Digital Entertainment (BDE), a California-based multimedia company founded by former Australian entertainment software entrepreneur Kevin Bermeister.

    Since March at least, Altnet has been downloaded, often without users' knowledge, secreted in the KaZaA software.""


    Hope that is only kazaa, and the removal tool posted in this forum works perfect for all.
     
  2. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,995
    The removal tool should work fine.  :D

    As far as this issue only affecting Kazaa... I know various sites ask for you to install the "B3D player" to watch 3D movies/animations.

    Also, I have confirmed that the original Morpheus 1.3 (that was still on the same network as KaZaA) included Brilliant Digital software in its installation.

    -javacool
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Could this Kazaa threat be combined with the warnings for the Chinese hackers/hijackers starting ... soon?
     
  4. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,995
    I personally don't think so - although if those hackers can find away around (any) safeguards in place in the Altnet/B3D files (if there are any) and make their own network...the potential is rather scary.

    All the more reason to get rid of B3D as quickly as you can.

    -javacool
     
  5. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    While we're on the subject of KaZaA, I just thought I'd point out that it seems my ISP have been actively scanning for KaZaA servers for some time now.  At the moment, I'm fairly routinely seeing probes on KaZaA ports from my ISP's backup set of DNS servers.  

    This seems to be in addition to their occasional scans for more traditional services that subscribers should not be running under the ToS/AUP.
     
  6. Checkout

    Checkout Security Rhinoceros

    Joined:
    Feb 11, 2002
    Posts:
    1,226
    Thanks for that, jv!  You've opened my eyes and made me realise that my ISP is doing the same thing, which I couldn't understand!  I assumed it was an attack but I could never figure out why the IP was always my ISP's....  Doh!

    Thinking about it, I wish my ISP would leave me alone.  It's intrusive, it's being a nanny to me without my requesting it, and I just wonder what would happen if they found what they were looking for.

    Do you have any experience or knowledge of ISP practice in this area?

    MTIA
     
  7. jvmorris

    jvmorris Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    618
    Checkout,

    In the first place, I don't know that much about KaZaA or the other file-sharing proggies -- until THE DOOFUS downloaded KaZaA and all hell started breaking lose on my Internet connectivity months ago.  (That was also the time of the dlder.exe event.)

    I purged it; he put it back on.  I put up firewall blocks on the gateway and enabled logging.  Other than the occasional flurries after connecting (via dial-up to a Dynamic IP address); I don't see much.  You can imagine my surprise when I suddenly realized I was getting singleton probes once or twice a day from my ISP.

    I do not know why they are doing it (and they won't even acknowledge that they are).  However, I think that a month or so ago, I read something about a Court decision under which ISPs conceivably also be held financially liable unless they took pro-active steps to reduce copyright infringements by their subscribers.  (Hey, I'm just the messenger here, okay? :D )

    Add-on:  This could also explain why these scans are not included in their more common scans for subscribers running web servers, news servers, or mail servers in contravention of the Tos/AUP.  The latter is a simple breach of contract situation, which they can easily handle.  But a possible damage suit from RIAA (??) is a horse of a different color.  They could simply be fireproofing themselves.
     
  8. snowman

    snowman Guest

                for brilliant this is a do or go bankrupt situation......it has some rather large "outstanding notes" that will come due and payable on November 1, 2002.  

                my understanding is that as  brilliant does not as yet have the "servers"....there are intended to be three.     nor has there any mention of "protection".

                perhaps the "real" threat is to world governments....whom would have no possible way of protecting their communications from an attack by hundreds of thousands of computers if the so called brilliant network is hi-jacked......

              due to the extra demand placed on internet providers...users can expect to pay higher fee's.....people who never heard of brilliant will be paying financially.......

              an if brilliant were to go bankrupt.......to whom will all those computers be passed on to.

                                snowman
     
  9. snowman

    snowman Guest

         BDE    annual report  (SEC FORM 10KSB)


               http://biz.yahoo.com/e/020401/bde.html
     
Loading...
Thread Status:
Not open for further replies.