Page 1 of 1

Trojaned releases?

PostPosted: Sun, 16Sep04 23:35
by CobraPL
Certain guy posts (mostly pirated) copies of adult games on various sites. He even polluted Hongfire (and other sites too, but I'll not mention them to not promote pirate websites):
Look at his releases - main exe behavior. Is there any1 competent to actually check what exes do? I already know that he:
1. Repacks whole games to one exe which pretend to be main game exe - forged name and icon.
2. Such exe always wants admin rights.
3. There are bogus files in former game dir - some dlls, "savedata" folder. But game in fact runs from unpacked temps.
4. There is .bat file run from temp but it melts after execution. EDIT: bat file may be component of Comodo Virtualization I used.

But... why? If it is trojan-free, then why doing all this things? So much extra effort. He uses mega hosting on sites where other pirates use other hosting sites to earn money (for transfer). As we can see, he has different motivation.

BTW. I considered Hongfire as reputable site, I think that some rels from above link may be pirated stuff. I already reported him on Hongfire.

Of course this example is warn sign for all interested in illegal copies - if you don't obtain software from official distribution, then face consequences.

Guys, what do you think?

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 01:04
by Guntag
I think you shouldn't provide links to files you believe infected with a virus :)

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 01:07
by fleet
I think owners of the games should contact Mega (or whatever site he uploads the pirated games to) and make a take down notice.

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 05:43
by muttdoggy
You're right. I've come across this guy posting mega.nz links on SVS comics. I'm stating a specific site so you can check if you want and I've looked into assisting with a DMCA notice. Mega does provide a form to fill out but the point is we need to get this guy's ISP banned from using mega since many guys like him will simply open up another account and use that to upload to. Another way to kick him offline is by notifying his ISP provider (if we can find it) of his activities. I've tried with other uploaders and the only lasting success I've had is when I report illegal uploads.

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 07:06
by artorawley
If he's been going through all of that effort to infect computers then I would bet good money on him using a VPN to upload his files and post them on various websites, meaning reporting his files and accounts won't make much of a difference since that information will never get back to his actual ISP due to the VPN obscuring his actual connection origin point. Sadly, crap like this and the scum of the Earth that appropriate creator's works to make money off of them has severely impacted my own personal game development over the past couple of years. I'm still trying to figure out a good method that protects the content creator but also inconveniences legit users as little as possible. I don't even care about getting paid for a hobby of mine, but it makes my blood boil to think of scumbags making money off that same work of mine.

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 11:58
by CobraPL
I made some research:
1. Although he posted on mega, archives contain .url files with links to warez sites and there we have keep2share and filebloom releases.
2. Main exe contain whole game packed inside. All other files are bogus - you can delete them and game will work.
3. I didn't find trojan so far.
4. You can't simply unpack game with archiver.

So we have big exe file, impossible to send to virustotal or similar service, skipped by some av programs, which asks for admin rights, then it can do anything and game is run from temp - instead of running normally. I see no logical reason to do so. It is very fishy!

Re: Trojaned releases?

PostPosted: Mon, 16Sep05 17:26
by Skelaturi
First of if you suspect such a person whisper a Moderator or Shark, second i moved this to the beach cause it's not a bloody game