Spyware-Infecto! Where to get good spyware these days?
October 24, 2006 8:33 PM

Help me find some spyware. I am interviewing someone for a position in "residential IT support" and I want to infect a PC for them to fix. Where to get the warez?

Not just cookies, either. I want some L2M infections, some good old nasty Trojan horses and maybe even a couple of viruses.
I want a machine so dogged down with junk it can't even open a window - unless it opens ten at a time. I want this tech to be as challenged to remove the infections as possible. Does anyone here know of any sites that pass this junk? I am extremely particular about the sites I visit, so I'm drawing a blank.
Thanks in advance!
posted by disclaimer to Computers & Internet (19 answers total) 1 user marked this as a favorite
 
Download Kazaa and download a couple of movies/songs? [/tongue-in-cheek]

My experience with Kazaa was horrifying, but maybe that'd be a good place to start.
posted by Phire at 8:37 PM on October 24, 2006


Search for porn and warez, go to the websites, and click Accept/OK to everything that pops up.
posted by junesix at 8:39 PM on October 24, 2006


Get some FREE SMILEYS!
posted by pompomtom at 8:55 PM on October 24, 2006


Hide a couple evil little toys for him in these spots.

Do something evil, like write a little piece of batch code that modifies the registry so that the homepage of the browser is reset to (insert evil website here). Have this piece of code executed on every reboot.

Impossible to find unless you know the registry, which this guy should if he's reasonably competent.
posted by onalark at 9:08 PM on October 24, 2006


Too bad Bonzi Buddy is no more. That was a surefire way to bring your PC to a molasses-like state of pop-ups galore.
posted by Liosliath at 9:21 PM on October 24, 2006


Easy as pie. Check the spam in your email inbox. Any attachment accompanied by a nonsensical one-liner will be a worm or trojan.
posted by zek at 9:32 PM on October 24, 2006


While you're at the warez sites, download a few cracks for popular software titles. It doesn't matter if you have the software or not, just run the crack and let them install whatever they want.
posted by Cog at 9:41 PM on October 24, 2006


This is just the excuse you need to visit free online porn sites.
posted by Steven C. Den Beste at 9:58 PM on October 24, 2006


Residential IT Support? Reinstall everything.
posted by bh at 10:26 PM on October 24, 2006


Make sure you use Internet Explorer. Movies alone cannot infect your computer, but active-x embedded stuff can. If you can set up a new XP install, don't update anything, make sure firewall is off. Installing Kazaa is a good start. Check out the page linked to in this Google search for the Munga Bunga Brute Forcer which should also install CoolWWWSearch, one of the most prevalent malware things that results in the about::blank error. Instead of downloading porn movies (this will not break your computer) try searching for something like "free xxx passwords" and look for programs. The last big round of infection I saw was malicious programs masquerading as codecs, but I tried to find some and they had all been taken down already.

Go register an email address at hotmail, then start using it all the time. Turn all spam filtering off, register at all kinds of free sites, install a bunch of "free search toolbars", "web accelerators", etc etc etc. Keywords like p2p, free music, free music, cracking, porn should get you started, don't forget to give out that email address and open those attachments!
posted by sophist at 10:34 PM on October 24, 2006 [1 favorite]


Here is a good list of infected p2p applications. Once you get in it might be a good idea to look up exe files and start downloading and running some of those too.
posted by sophist at 10:38 PM on October 24, 2006


I've also heard that just visiting http://astalavista.box.sk in IE is a good way to permanently cripple a Windows install. You can use the search engine to find cracks/keygens to run also. Try pirating Adobe Photoshop or Macromedia Flash.
posted by bkudria at 10:42 PM on October 24, 2006


By linking these nasty sites, we're giving them all kinds of page rank and raising them higher on Google. Perhaps we could obfuscate the URLs a little bit? Use something like: "http://address 'dot com'"
posted by chrisamiller at 10:52 PM on October 24, 2006


Oh, have I got a site for you.

Go here and run any of these programs.

Popups everywhere.

I had to run a virus scanner, two anti spyware programs and a special program specifically designed to rid me of this problem.
posted by tomble at 3:19 AM on October 25, 2006


Best answer: Do what the BBC did recently, and build a honeypot PC (they used a virtual PC session) - part 1 and part 2.

You shouldn't have to exert any effort in setting up the compromised machine - although it may end up being a bit too much to fix, and will require rebooting, reformatting and reinstallation (the three main tenets of an IT support role, from an outsider's POV!)
posted by Chunder at 3:36 AM on October 25, 2006


Once you get a particularly nasty box set up you should image it so you never have to go through the process again.
posted by dgeiser13 at 5:06 AM on October 25, 2006


When I locked my proper PC up, I had to connect my old PC (Windows 98, old Explorer etc) to my broadband - it was unusably slow because of malware in less than an hour...
posted by prentiz at 6:05 AM on October 25, 2006


Webshots, Kazaa (not Kazaa Lite), most free games. Oohh, look, spyaware, I'll bet that's really useful... and more from the same site. Googling how to get spyware found this useful discussion. Sounds like fun.
posted by theora55 at 2:06 PM on October 25, 2006


Best answer: I hope you're not doing this experiment on a home computer with personal information, passwords or financial information on it, or on an active network with users who may be using it for banking or other sensitive data. Remember, an infected computer can sometimes infect other computers on a network, or eavesdrop on their network communications.

If not:


Install any unpatched Windows and IE and just hook it up raw to a cable modem. No firewalls.

You'll only have to wait about 30 seconds. The days of it being "safe" to connect to the 'net without at least a firewall are pretty much long gone.

Or start searching for "free software" or "free porn" while browsing with IE.


By the way, speaking as an IT-support type person, your test is pretty much useless as a measurement unless both you and the IT guy are experienced in the inner workings of Windows and the registry system to be able to judge his skills against the skills of the spyware writers.


Speaking as an IT guy, my solution would be to trust in the skills of a few trusted others and run a good anti-virus/malware package like NOD32 or Panda, run a registry cleaner, inspect it for other known threats, cross my fingers and reboot. Because, frankly, most IT folks don't have time to actually edit the entire registry or system files and move file packages and such around by hand.

And then schedule a full reinstall and patch session (from disk image, streamline, or (ugh) original discs) and then I would lock that machine down tighter than pickled eel anus so it couldn't get infected again and people couldn't help it get infected again through malice and/or ignorance.

So, IT isn't really Cowboys and Indians stuff. Dealing with malware in working IT environments (including residential) is mostly boring procedures and orders of operations, just like dealing with infectious diseases is mostly procedure.


So, to preemptively answer your interview question - you can only make your infected computer so infected that it takes the amount of work that a scan, backup and reinstall takes.

In a good shop that can be as quick as 3-5 minutes or less to do a backup disk and image install, depending on how much user data there is to back up. (Plus paperwork, login information, domain adds and other misc, which is why it actually takes an hour, but the disk write and "fix" takes mere minutes.)

In a bad shop, doing a fresh install from original discs can take days, depending on how much software there is to be installed.
posted by loquacious at 4:37 AM on January 26, 2007

