GBA TEMP IRC CHANNEL - FULL OF TROJANS

Discussion in 'Site Discussions & Suggestions' started by Vanguarde, Dec 1, 2002.

Dec 1, 2002
  1. Vanguarde
    OP

    Member Vanguarde Advanced Member

    Joined:
    Oct 26, 2002
    Messages:
    70
    Location:
    NYC
    Country:
    United States
    Hello all! Some of you might know me [​IMG] I am Vanguarde, from the IRC channel [​IMG]
    Hi Konny, Thuggy, Lappy, Aida, Angelica 1, Tekken, etc...

    Well anyway the reason I am posting here is because I need to report this RIGHT AWAY. I used the channel for about 30 minutes yesterday, and guess what I found today. Seems during my random virus scans, I picked up 3 different 'Trojan Horse programs'. It took about an hour and the Noron Anti Virus website to fully remove these 'parasites', which 'bored' deep into my registry as well. All 3 were 'mini-irc' apps, so the person who hacked me could use my computer in a Ddos attack, and in fact know everything that was going on in my computer. I *do not* know who hacked me, or whos files are infected, but I suggest that the Ops in that channel get things in order, or at the least WARN people to check, etc.
    Whoever is planting trojans in the chat room is lame ass SHIT btw.
    For everyone who is 'techy' and want to know exactly which Trojan horse programs I was hacked and infected with, here are the links to the three worms I found on my computer after going to the IRC channel #GBAtemp

    1: http://securityresponse.symantec.com/avcen....assasin.c.html

    2: http://securityresponse.symantec.com/avcen...irccontact.html

    3: http://securityresponse.symantec.com/avcen...ojan.iblis.html


    So there we go. I myself will NOT be in the chatroom until I hear something from the people who run it, and after I beef up my protection from this CRAP.

    Thanks for your time and to all my fans - Holla if you hear me!

    /me starts to flex his biceps as he thinks of Aida
     


  2. Peer

    Member Peer Advanced Member

    Joined:
    Oct 24, 2002
    Messages:
    91
    Country:
    United States
    viruses piss me off soooooo much. thanks for the warning. i've had some recent infections so i'm trying to be pretty careful
     
  3. stivsama

    Member stivsama GBA-Tenchan

    Joined:
    Oct 24, 2002
    Messages:
    900
    Country:
    Hmm, even IRC can be unreliable, huh?.. [​IMG]
    Hey waitasec! Don't all roms (more or less) come from IRC? Does this mean trojans are in my roms right now?? [​IMG]
    Here's hoping to survive.. [​IMG]
     
  4. KyleRXZero

    Member KyleRXZero Chaotic and Broken...

    Joined:
    Oct 24, 2002
    Messages:
    524
    Country:
    United States
    Yeah, trojans suck. My girlfriend just uses birth control. It works alot better.

    [​IMG]
     
  5. Gianz19

    Member Gianz19 GBAtemp Regular

    Joined:
    Nov 6, 2002
    Messages:
    167
    Location:
    San Fernando
    Country:
    Philippines
  6. KiVan

    Former Staff KiVan Hooray! Member n# 1!!!

    Joined:
    Oct 23, 2002
    Messages:
    2,256
    Location:
    Italy
    Country:
    Italy
    many many people use mirc and irc in general, but i can assure you it's not a vehicle for viruses.. unless you accept certain infected files, which most likely ARE NOT .gba files...

    are you sure you got the virus from mirc??
     
  7. neocat

    Member neocat The GbaTemp 1337 Cat of D00M!!

    Joined:
    Oct 24, 2002
    Messages:
    2,683
    Location:
    Lisbon
    Country:
    Portugal
    IRC is the BEST way to get any sorts of viruses, or trojans, but every channel has them, all it takes is someone entering the channel and start spreading them. If you're so afraid all you have to do is not accepting unrequested files, use an anti-virus, get a defensive script, or else don't go there
     
  8. shaunj66

    Administrator shaunj66 Administrator

    Joined:
    Oct 24, 2002
    Messages:
    9,830
    Location:
    South England
    Country:
    United Kingdom
    Come on people, stop being so paranoid. IRC is relativity safe as long as you know what you are doing.
    Sure your IP address is advertised throughout the channels you join, and people can use that to try and hack your PC, and dump back door trojans on you, just make sure you have a decent enough firewall to prevent this. I use Norton Personal Firewall and it works fine, it picks up any sort of trojan activity on your ports.
    Also obviously DCC transfers can be risky because you never know for sure what is being sent to you, but as long as you don't accept files from people you don't know and you run a virus check on any files you have downloaded before running them then you should be okay.
    Just remember to keep your antivirus product up to date by using the live or web update frequently or setting it on auto update.

    Oh and Vanguarde, I'd check to see the source of those supposed Trojans you have on your system before scaring off people from our channel. I suspect you got them through an e-mail attatchment or through a website. Unless you accept all file transfers on IRC and download unknown files then I doubt you got them through IRC.
     
  9. neocat

    Member neocat The GbaTemp 1337 Cat of D00M!!

    Joined:
    Oct 24, 2002
    Messages:
    2,683
    Location:
    Lisbon
    Country:
    Portugal
    If you're not an OP, you see a fake IP [​IMG]
     
  10. shaunj66

    Administrator shaunj66 Administrator

    Joined:
    Oct 24, 2002
    Messages:
    9,830
    Location:
    South England
    Country:
    United Kingdom
    Learn IRC a bit more before saying that, there are numerous ways to find someones IP address within IRC very easily. [​IMG]
     
  11. neocat

    Member neocat The GbaTemp 1337 Cat of D00M!!

    Joined:
    Oct 24, 2002
    Messages:
    2,683
    Location:
    Lisbon
    Country:
    Portugal
    HELLO! you said when you join and when you join all the others see is a fake IP. Sure you can use a special program but I wasn't talking about that [​IMG]
     
  12. Ap0cAl1pS3

    Member Ap0cAl1pS3 GBAtemp d3m0n

    Joined:
    Nov 3, 2002
    Messages:
    891
    Location:
    Lisboa
    Country:
    Portugal
    u can only install a trojan on your computer if u open a exe file u got.......

    and the most files from gbatemp channel are or in .zip or .gba so u must got those files from other channels or sites..........
     
  13. Angelical_1

    Former Staff Angelical_1 Former Staff

    Joined:
    Nov 5, 2002
    Messages:
    575
    Location:
    England, U.K
    Country:
    United Kingdom
    I've used irc everyday (give or take a few) for the past 5 years + .... as already stated ... if all you are downloading are .zip files with a .gba a .nfo and maybe a couple of .txt files in you have no worries. Simple as that.

    I would advise though that one uses a firewall... Zone Alarm is free. (www.zonelabs.com)

    Regards Angelical_1
     
  14. Saria

    Member Saria The Sage Of The Forest Temple

    Joined:
    Oct 25, 2002
    Messages:
    813
    Location:
    London UK
    Country:
    United Kingdom
    doesnt have too even be called a trojan.... a virus can come from anywhere
    Trojans are mostly *.exes but have known to reside in IRC scripts (specially addons) and *.bat (batch files)

    Viruses can infect anything and everything.... and any upto date Virus Scanner should detect them....

    If your worried and you know about the registry just goto
    hkey local machine / software / microsoft / windows / current version / run
    If there is a proggie in there that you dont remember having or whatever ... just highlight it and delete...
    thats more then likely a trojan...
    or get Lockdown and let it remove it for you..... [​IMG]
     
  15. Fenriz

    Member Fenriz GBAtemp Regular

    Joined:
    Oct 31, 2002
    Messages:
    216
    Location:
    Rio de Janeiro
    Country:
    Brazil
    Trojans CAN be got without a DCC transfer in IRC, but they only work if they are remotely executed or executed by the user....
    *i need to learn english*

    You should open a Direct Connect HUB or something... IRC is old, and lack features for file spreeding...
     
  16. neocat

    Member neocat The GbaTemp 1337 Cat of D00M!!

    Joined:
    Oct 24, 2002
    Messages:
    2,683
    Location:
    Lisbon
    Country:
    Portugal
    In DC you can't chat... IRC is better if you get a good script
     
  17. xBla

    xBla Newbie

    Just use WhoIs on any User in IRC and youll have his IP. But anyways, i dont believe you got it through IRC unless you have auto-accept turned on and execute every File you get, even if you dont know the source. And if your doin so, youre a bit dumb, eh? [​IMG]

    btw: Im using IRC for three years now.
     
  18. Fenriz

    Member Fenriz GBAtemp Regular

    Joined:
    Oct 31, 2002
    Messages:
    216
    Location:
    Rio de Janeiro
    Country:
    Brazil
    Ok, so plz tell me a script who can manage my DCC downloads for me, so i can have multiple files from multiple users at my queue and dont let them begin all at once, only one download at a time....
     
  19. KyleRXZero

    Member KyleRXZero Chaotic and Broken...

    Joined:
    Oct 24, 2002
    Messages:
    524
    Country:
    United States
    I chat in Direct Connect. [​IMG]
     
  20. Vanguarde
    OP

    Member Vanguarde Advanced Member

    Joined:
    Oct 26, 2002
    Messages:
    70
    Location:
    NYC
    Country:
    United States
    Hi ! Thanks for all the replies to this concern. And I am SO glad that no flames happened in this thread. [​IMG]
    First of all, I am not a 'dim' computer user, I know what is going on with my computer, how it should act, why it acts when it acts, etc. I also run a Firewall, and in fact 2 Anti-Virus Scanners, and 1 Trojan horse program detector. ( Norton, Affe, and Sentinel )
    There was NO trojans on my computer before I went into the channel the other day - and I in fact used the channel several times before, with no problems. Just this day I went, after I logged off, and turned my computer off, the next day when I boot up, my scanner pops up and says it has detected a trojan. Shocked, I quickly run the trojan horse scanner, and find 2 more trojans, which have 'dug' into my registry, etc. I try to 'repair' them with Norton, but it fails, so I quarintine them, and then manually hunt down every file it put on my computer. I won't go into the files, but if you are interested the links will take you to detailed descritpions of the trojans, in my first post on this thread to get the links to that.
    I am not saying at all that #GBAtemp is the *only* place where this can happen, I am saying it did happen, and happens every day on many, many IRC channels. I just felt the need to report this, because I can see tons of 'rom newbies' who go to the channel just for roms, and hardly know IRC to be mass infected with this Trojans, which have Ddos abilites, and the 'hacker' ( probably a script kiddie at best ) could use his mass amount of computers and bandwith from his trojan horse programs he/she spread on the channel to help attack a website, and the people who are affected would not even know, besides having his/her internet/internet games run slow. ( I.E. :laggy )
    For the record, I downloaded 4 roms that night on IRC, 2 from "Ko", and 2 from "Serp". All were ROMS, no .exe's, etc. I don't see how these files could execute a trojan - and in fact I have used both Ko's and Serp's wonderful sharing service in the past with no problems. Who knows, maybe they don't even know they might be infected? All it takes is one person who does not scan for the damned things to spread. 8(
    So in the end, I have not aquired software that will protect me when I go back to GBAtemp, and I encourage everyone to go to GBAtemp - it's a GREAT place to find erhm.. Demos [​IMG] AND you know what? If you talk to the people there, they are pretty cool and talk to you back! [​IMG] I have some friends there myself. Just be SAFE, GET AND USE a firewall, GET AND USE a virus scanner, GET AND USE ADAWARE. Just getting the software is not enough - take the time to set it up ! [​IMG]
    I myself go into the channel with a 'pro' edition firewall, ( Zonealarm ) Norton on with full script scanning and real time virus/trojan protection, ( Slows computer down, so I only turn it on when I go into the channel! You can turn it off after you go offline and stop downloading stuff, like when playing games ^^ ) and since I like to not just 'take' attacks, I also run black ice - which can trace and ( if you know it's secrets) counter-attack to a degree.
    Kewl stuff ;0

    Well anyway, thanks for your time everyone, and again be safe! (

    - Mike
     

Share This Page