TigerDirect
Home arrow News arrow Malware Free
Malware Free

ImageAfter many years of Usenet trolls maliciously claiming that Sharkpost contained Malware, Bughunter author Dustin Cook has confirmed there is absolutely no malicous code within Sharkpost.  Already debunking many of the lies within the first post:  Striking while it was hot making this statement:

You couldn't even determine the executable packer applied (it's sprotect), so it's no wonder you think it somehow has hidden magic code.

with a public invitation from Usenet trolls to inspect the source code, as well as the binary, to gather and report any findings of malicious code (or Malware), Dustin took up the challenge.  After a complete and extensive examination of the source code and binary in question, Dustin returned to make these statements:
 
    I have analyzed both binaries available on http://www.exscientia.org/content/akula_tools.html
    As well as the binary currently available from pricelesswarehome.org; a freeware site that it's
    users decide what software should be listed based on various factors. Both programs were
    scanned first by BugHunter, no hits. Both programs were then submitted to virustotal.org,
    virusscan.jotti.org and virus.org.  Finally, I have reverse engineered both executables and ran
    them via sandboxie and allowed them to simulate posting to usenet via a virtual lan.

    Neither of the programs appears to do anything malicious, although I must say the port isn't
    much better? than the original. I repeat, I have found no malicious code in the binaries I
    have tested so far. The programs aren't expertly protected executables either, I'm afraid.
    Their both protected with ASPROTECT, which takes all of 2 seconds on this machine to
    reverse. :) The binaries are written in microsoft visual c, and do require access to various
    windows dlls for the network functions.

    I have allowed both programs virtual access to a network, and monitoring the packet data.
    I have found nothing encrypted, nothing hidden, and no personal identification information
    that's any different than what your machine would send to a server anyway.
    e: As far as I can tell so far, neither program calls home, neither program has routines to call
    home. Both programs pass along the information you provide to the windows tcpip stack, they
    make no effort to contact any servers/ips outside that string.
 
 His comments on the Usenet trolls website promoting his libelous claims:
 
    I've read the site, and have issues with various comments on it. The narcware you speak of I have not been able to
    locate a copy of this malicious binary or verify any of the other claims on the site. The article claims that the binary
    is protected and cannot be examined due to this. The binaries I have examined are packed with asprotect, but that
    shouldn't deter anyone fairly good with code/cracking from unpacking it.

    The highly suspicious comments not withstanding, I have been unable to find any code in any binary I've examined
    so far to backup any of the suspicious claims. If anything, it's my opinion so far, that the claims have been made by
    someone suffering from severe dillusions, and that of someone who doesn't actually write code. I wouldn't therefore,
    suggest that site as a knowledgable source of information at this time.
 
After releasing this statement Dustin had a forged post contridicting his statements and supporting the Usenet terrorists who have been maliciously spreading these gross and distorted lies about the program and it's author. 
 
Authors note: With actions like these, it isn't difficult to see why no adult would take someone who exhibits severe dillusions seriously.
Comments (1)add comment

Write comment

busy



Reddit!Del.icio.us!Facebook!Slashdot!Netscape!Technorati!StumbleUpon!Newsvine!Furl!Yahoo!Ma.gnolia!Free social bookmarking plugins and extensions for Joomla! websites!
 
< Prev   Next >
[ Back ]
Tech Depot - An Office Depot Co.