Author Topic: Malware on limewire  (Read 6558 times)

0 Members and 1 Guest are viewing this topic.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20218
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Malware on limewire
« Reply #15 on: June 29, 2015, 03:21:36 PM »
Enough, Yamaha, R6 Yamaha, Trailblazer25, Blazer.  Help forums are not for your amusement. Read what has been posted here and at the other forums where you are playing your little game.

Cyber Tech: Malware on p2p
Spyware Hammer: Malware on limewire 
Malware Tips: Malware limewire security issue and Limewire malware question and inadvertently sharing files?
PC Ptstop:  Malware on p2p - Viruses, Spyware, Adware
Frostwire:  Frostwire limewire malware security
TSF:  P2p malware

This discussion is closed. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Aaron Hulett

  • Administrator
  • Hero Member
  • *****
  • Posts: 1451
  • Schrödinger's cat walks into a bar... and doesn't.
    • View Profile
    • My Site
Re: Malware on limewire
« Reply #16 on: June 29, 2015, 08:08:30 PM »
The thread shall remain closed, but as an admin I'm going to chime in one more time with two things.

First, some additional posts:

TechPowerUp: http://www.techpowerup.com/forums/threads/p2p-malware.213715/
NeoWin: http://www.neowin.net/forum/topic/1258502-p2p-malware-question/

And second, I received a PM essentially asking the same question so I'll reply here, just this one more time, in case my explanation helps whomever comes across this thread in the future.

I'm not sure what you're exactly looking to ascertain. Based on some of these threads it appears you ran LimeWire some time ago where there were attempts to download pirated versions of Microsoft Word:

Quote
Posted June 23, 2015 at 9:57 AM by Trailblazer

Hahaha!! I believe when I had an avg I tried to download Microsoft word several times and most of it was viruses so I went and bought the program. But after that I just downloaded music.
Source: http://www.techpowerup.com/forums/threads/p2p-malware.213715/page-2

If this is true, then that whole playing with fire thing I mentioned earlier comes into play. Accordingly, rather than understanding how likely it was for something to share out your files on LimeWire, I think the true question you're asking here without actually asking it is:

Were my personal files shared through LimeWire?

My answer is: You're asking the wrong question.

Yes, a malware author could write something that changes LimeWire's settings so that your personal files are shared over LimeWire. The malware author could also, for example, just FTP them to himself/herself rather than need to go looking for them on LimeWire, or he/she could install a keylogger and capture your login credentials for various things. They can do whatever they want - once the malware executes fully and successfully, they own the box.

In other words, the question should be: Were my personal files / login credentials shared/compromised?

The FTC article you linked to is correct - when it says, "You could mistakenly: ... allow strangers to access and share your personal files," it's not some made up fantasy; the risk is real. So, were you hit with malware and now have compromised data? Without knowing what specific malware you may have download, how up to date your antimalware program was (or wasn't) at the time you tried downloading things (a.k.a. how successful or unsuccessful was the malware's attempt to run and deliver/perform its payload, if malware was downloaded), or other factors, for any of us on this forum to come back to you and say with any certainty that "Yes, your data's compromised," or "No, you got lucky," is impossible. It's also impossible through this forum to determine if, assuming malware was downloaded and was able to run successfully, you shared malware back out through LimeWire or other channels.

If you're really interested about malware that relates to LimeWire, you may want to look through a malware encyclopedia to learn more. Here's a link to search the Microsoft Malware Protection Center malware encyclopedia which can help you get started:

http://www.microsoft.com/en-US/Search/GeneralInfoDrillInResults.aspx?q=limewire&cateorder=1_5_16_13_11&site=http%253a%252f%252fwww.microsoft.com%252fsecurity%252fportal&first=1

And about this Tiversa part:

Quote
Posted 27 June 2015 - 11:43 AM by Yamaha

I have found several articles by tiversa saying malware can change save folders on p2p to move
Personal files into the share folder so everyone on your network can access you personal files. Tiversa has some claims against them that makes me wonder if they are just saying stuff to scare people. ...

Yes of course malware is on p2p most people think it's number 1 cause for viruses. Actually it's websites these days is what I read. But yes it could happen that malware would do this but so could Harry Potter it could happen as well. I just wanted to see how realistic this claim from tiversa is about changing folders around to make everyone access your personal info. Me and others I've talked to think it's mainly to scare you of the worse and that they never had any proof to support the cause and no articles ever mention this.
Source: PC Pitstop via cache at http://cc.bingj.com/cache.aspx?q=malware+shares+personal+files+p2p&d=54045828808249232&mkt=en-US&setlang=en-US&w=9ocvbZfZA_pMvVat-g9ZslDzfnSOJdxe

Can I name off specific families off the top of my head performing the behavior you mentioned to exemplify its occurrence? No, and I do not have cycles to dig into this as a personal side project to find specific ones. But as I said the risk is real, and I would not be surprised if someone walked up to me one day with details about a malware family that did this.

Regards,
Aaron

This post is provided "AS IS" without warranty, and confers no rights.