Energizer USB Duo battery charger hides a Trojan
in [Embedded]
|
Prev: Defining "firmware quality"
Next: 256-fold (or even more) increase in speed on copper wire possibleIMHO
From: Mickel on 10 Mar 2010 19:18 "D Yuniskis" <not.going.to.be(a)seen.com> wrote in message news:hn97lc$7hf$2(a)speranza.aioe.org... > And *none* of the users who own this device have *ever* run > a virus scanner?? *Surely* this trojan didn't actually do anything. If it started calling out on port 7777 someone would have noticed.
From: D Yuniskis on 10 Mar 2010 20:24 Mickel wrote: > "D Yuniskis" <not.going.to.be(a)seen.com> wrote in message > news:hn97lc$7hf$2(a)speranza.aioe.org... >> And *none* of the users who own this device have *ever* run >> a virus scanner?? > > *Surely* this trojan didn't actually do anything. If it started calling out > on port 7777 someone would have noticed. How do you know it calls *out* and doesn't just open 7777 and *wait* for an incoming connection? Regardless, a virus scan would/should have noticed the payload.
From: Mickel on 10 Mar 2010 21:55 "D Yuniskis" <not.going.to.be(a)seen.com> wrote in message news:hn9g1s$jk6$1(a)speranza.aioe.org... > How do you know it calls *out* and doesn't just open 7777 and > *wait* for an incoming connection? Possibly but considering even basic home routers have nat these days it wouldn't be very effective. So pretty much it would do nothing. > Regardless, a virus scan would/should have noticed the payload. Why? Unless it is a know virus it's unlikely to get picked up.
From: Przemek Klosowski on 10 Mar 2010 22:52 On Wed, 10 Mar 2010 16:01:38 -0700, D Yuniskis wrote: > Don McKenzie wrote: >> Energizer USB Duo battery charger hides a Trojan March 9, 2010 by Lin > And *none* of the users who own this device have *ever* run a virus > scanner?? A virus scanner only detects the viruses that match a known signature, or which do something that it knows about. If the malware is stealthy enough it won't be detected.
From: D Yuniskis on 11 Mar 2010 13:59 Mickel wrote: > "D Yuniskis" <not.going.to.be(a)seen.com> wrote in message > news:hn9g1s$jk6$1(a)speranza.aioe.org... >> How do you know it calls *out* and doesn't just open 7777 and >> *wait* for an incoming connection? > > Possibly but considering even basic home routers have nat these days it > wouldn't be very effective. So pretty much it would do nothing. > >> Regardless, a virus scan would/should have noticed the payload. > > Why? Unless it is a know virus it's unlikely to get picked up. In two years it remained hidden? No one ever ran TCPview?
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: Defining "firmware quality" Next: 256-fold (or even more) increase in speed on copper wire possibleIMHO |