Re: Warning: Trojan identified that steals POL passwords

according to this news by Internet Watch (in japanese), the code of this Trojan holds the phrase "最終幻想" meaning "Final Fantasy" in chinese.

i hope this isn't a gil seller's next way of "farming" gils... not to mention if u actually "steal" items and gils from accts u r not granted access to constitues a criminal offense in many countries, although i don't know if it is in china.

Re: Warning: Trojan identified that steals POL passwords

dont
use
third
party
software

K?

Re: Warning: Trojan identified that steals POL passwords

So how does this virus spread? It doesn't say.

Re: Warning: Trojan identified that steals POL passwords

this Trojan doesn't have any method of spreading out itself, according to the news i referred to above.

it was automatically downloaded and executed (depending on the security setting in ur browser) when u access this certain website, but according to Symantec the website is already gone.

in other words, u can expect no future "infections" of this particular Trojan as long as u keep the virus definition up to date.

Re: Warning: Trojan identified that steals POL passwords

It doesn't seem to specific at all on were the Trojan came from, all they state is were the trojan was reporting back too. Which looks like it was a Bulliten Board System which is the common use for a hacker finding "ribbits".

Like the virus type states a Trojan Horse infects a system in various ways. Most commonly though requiring the user to of done something to initiate it. It can be poor functionality of keeping security up-to-date in their web browser to downloading a 3rd party program and running it.

The method of infection for to steal a password for Lineage II was a 3rd party program, in fact a program that enhanced the games functions much as the newer windower for FFXI does. For Ragnarock Online a Trojan Horse found for stealling password on it was a Bulletin Board System.

As far as unathorized access to an account this is covered in the International Copyright laws in which China and Hong Kong both took part in on that convention and agreed with. So this is indeed illegal acts even in China or at least is suppose to be to my knowledge.

Re: Warning: Trojan identified that steals POL passwords

u r right, the Symantec site only has info as to where the Trojan sends the info to. my 2nd paragraph was also coming from the news site, not Symantec. sry for the confusion.

as for the legal matter, by "International Copyright laws" i assume u r referring to the Berne Convention, of which China is a contracting party. (to the best of my knowledge China is NOT a party of WIPO Copyright Treaty, also known as WCT.) nevertheless, such copyright treaties don't cover the wrongful acts such as gainning unauthorized access to the computer network or knowingly altering the data stored. the purpose of the treaty is strictly focused on the copyright, and it's not a common practice to apply such to the area outside of its own, while the final decision rests w/ courts.

there also is another international treaty called Convention on Cybercrime, written by Council of Europe, which specifically prohibits unauthorized access to the computer network. but only the 26 CoE member countries and US, Canada, Japan and South Africa have signed this treaty.

so, as far as unautorized access goes, unless i'm missing some other important treaties, besides those 30 countries that signed the Convention on Cybercrime, things r pretty much left to the local laws.

only several yrs ago, Japan didn't have a law that makes unautorized access itself illegal, while alteration of data, or any other actions that cause damage, were already unlawful. i was just wondering how things r in other parts of the world, nothing more or less.

Re: Warning: Trojan identified that steals POL passwords

Ah, ok got it bside. Could of sworn I read somewere in the "International Copyright" stuff about unauthorized access. The altering of data stored (or databases) it was specific though, it protects the structures of the databases themselves but not the data in it. So basically if someone tried to altered how databases function or how they link up you can get in trouble for, but changing what data is in there that it maintains that copyright doesn't protect.

Re: Warning: Trojan identified that steals POL passwords

Was playing FFXI the other day when I got kicked off saying my account logged in from another location. Logged off, changed password, ran virus scan, changed password again.

Re: Warning: Trojan identified that steals POL passwords

Something similar to this happened a couple of weeks ago in World of Warcraft, to the point that thousands upon thousands of accounts got hacked, the reason: Allakhazam. Seems like someone decided to "advertise" a virus through Allakhazam's ad network that exploited a loophole in IE.

Regardless, the chances of the people being caught are slim to none, unfortunately. And with the success of the virus that attacked WoW users through Allakhazam, these types of things may become more common as a means for illicit gold selling operations to gather gold (a friend of mine was affected by it, and his account was taken over by a gold farmer for a few days before he managed to regain control of it by calling Blizzard) or just for people to mess with a lot of people.

Re: Warning: Trojan identified that steals POL passwords

And that is why, ladies and dumbasses, you dont click on links you dont know the nature of.

Re: Warning: Trojan identified that steals POL passwords

NEVER play the "SHOOT THE DUCK" game ads at the top of your browser workspace. Don't play any af those ad games. Also, try not to go to any of those portal websites that you find sometimes when you do searches on google, etc. They can very easily put spyware on your computer, Unless you have a spyware blocker implemented into your browser. That is how this stuff usually occurs. People need to start thinking logically and become more aware of how secure websites are, etc.

Re: Warning: Trojan identified that steals POL passwords


Quoted for truth.

Re: Warning: Trojan identified that steals POL passwords

No, you see, it wasn't you had to click it, it was Allakhazam had to just *display* the ad. As in, no matter how educated you are, you would have been infected (think along the lines of the current warnings going out about IM rootkit worms where the person just has to basically IM you and you're infected, no matter what you do)

Then again, Allakhazam's ads have always been sketchy, but that's a completely other subject... Firefox

Re: Warning: Trojan identified that steals POL passwords

Actually an I.E. update done in like October Last Year blocked the ability of ads to execute programs. That loophole was useless as long as you had IE updated. Outside of that you can block an Ads ability to do anything if you monitor and require a prompt to allow cookies. Then when you see a cookie request not from the site just stop it.