Sporge, Redux
#1
One question I have hasd about sporgers which as mystified me for a while:

Since new accounts on TPB are closed, how it it that there seem to be an endless amount of new posters sporging infected crap? 

Its even worse now, that they have learned not to use a single username to fill up searchspace under Recent Releases, but to post a doens or two, and then switch names, and post the same crap.
Wash, rinse repeat. 

They have also learned not to use identical files, but to randomize size a bit. 

For about a week, it looked like the site was cleaned up.
And then.....

To N00bs: 

I'm not sure what the story is with skulls. 

Keep in mind that some boogerware will get by even the best posters. The best scumware is not detectable by scanners. They need to be tested in a sandbox, with at least two processors assigned to it.
Reply
#2
(Sep 13, 2021, 19:42 pm)waregim Wrote: One question I have hasd about sporgers which as mystified me for a while:

Since new accounts on TPB are closed, how it it that there seem to be an endless amount of new posters sporging infected crap? 

https://www.itpro.co.uk/625036/the-pirate-bay-hacked

tl:dr; The TPB user db was hacked with a simple SQL injection by an argentinian crew back in 2010. Those of us who were active users at the time had our passwords reset manually, but out of 4 million hacked account details I reckon that was only a fraction. And who is gonna persecute a "security expert" for selling TPB passwords on the darknet?
Reply
#3
Many thanks.

Makes sense now.

5 Million!!! Gawd, that many registered users.

I get the creepy felling the ones doing it are Korp types. Unrelenting.
I wonder if anyone has ever traced the ratboxes the scumware phones home to?
Reply
#4
Well, someone is obviously making $$ doing it...

Come to think of it, someone made an account at SB a while back and PMed me if I would like to make money adding their "install bank" system to my uploads. Said I would get paid per successful deployment. His website looked all slick and advertised silent installs the user wont even know about. I declined and reported the guy, but you get an idea how they operate...
Reply
#5
Silent installs....
Umm...

I wonder if turning off BITS in Services works for Win. I always do it.

I've been using a proxy lately and *something* keeps trying to get in, but I killfilter the IP in HOSTS.
Seems to be trying to pretend its an 'update'.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Sporge waregim 4 15,040 Mar 05, 2021, 20:29 pm
Last Post: RobertX



Users browsing this thread: 2 Guest(s)