P3GO GT-Break unit shipped out with a trojan on it.

Discussion in 'User Submitted News' started by Rydian, Nov 25, 2010.

Nov 25, 2010
  1. Rydian
    OP

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States

    If you don't know, the P3GO is a very advanced device compared to most other jailbreaks. It acts as a USB memory when connected to a computer so you can place pkg-files and such there.

    It is when inserting the device to your computer that the trojan hits.

    The trojan is then trying to upload your passwords and banking information to a remote server. It also makes the computer copy the virus to all other USB-devices inserted to the computer from thereon, and that's how the trojan spreads.

    [...] the autorun-file was created on the 11th of November, just a couple of days before the device got shipped to me. This is most likely the date the device got infected, but it is impossible to know if this device actually was infected directly from the manufacturer or after that.

    [...] the retail packaging isn't sealed, so it's easy to get the device out, use it and place it back again with nobody noticing

    Source

    Not that surprising that a company dealing in products like this wouldn't bother virus-scanning the system they set them up on, but something like this is trivial to find and prevent...
     


  2. Joe88

    Member Joe88 [λ]

    Joined:
    Jan 6, 2008
    Messages:
    11,185
    Location:
    NYC
    Country:
    United States
    this isn't really news

    I'm pretty sure the infection came from the user's computer
    everybody else including myself confirmed there were no viruses on it, just pkg files and txt documents

    it's not exactly a reputable person either, just a random person on the forum
     
  3. DaRk_ViVi

    Member DaRk_ViVi ...is everywhere!

    Joined:
    Apr 13, 2004
    Messages:
    1,014
    Location:
    Asti, Italy
    Country:
    Italy
    Have you tried looking into hidden/system files?
    Or you can try by going into the USB Key, and switching the address in the address bar from X:\ (X -> your Drive Letter) to X:\autorun.inf.
    If it says file not found then it should be clean.
     
  4. Rydian
    OP

    These infections go after everything that identifies itself as a mass storage device and he claims there's no sign of it on any of his other removable devices, furthermore the date stamp of the autorun file is later than all the other dates, indicating it was most likely infected after it came from the factory (as in, not placed alongside the original firmware files).
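
The two checks discussed in the posts above (looking for an `autorun.inf` in the drive root even when it is hidden, and comparing its date stamp with the other files) can be scripted as follows. This is an added example, not part of the thread; the sample volume, its file names and `loader.exe` are constructed for illustration.

```python
import os
import tempfile
import time
from pathlib import Path

def inspect_volume(root):
    """Report on autorun.inf in a volume root. Reads files only; runs nothing."""
    root = Path(root)
    # iterdir() also lists hidden/system entries, whatever Explorer shows;
    # compare names case-insensitively (AUTORUN.INF, Autorun.inf, ...).
    hit = next((p for p in root.iterdir()
                if p.name.lower() == "autorun.inf" and p.is_file()), None)
    if hit is None:
        return None
    launches, in_autorun = [], False
    for raw in hit.read_text(errors="replace").splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun")
        elif in_autorun and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            # Keys that make Windows start a program from the drive.
            if key.lower() in ("open", "shellexecute") or key.lower().endswith("\\command"):
                launches.append((key, value))
    others = [p.stat().st_mtime for p in root.rglob("*") if p.is_file() and p != hit]
    return {
        "path": str(hit),
        "launches": launches,
        # The thread's clue: autorun file stamped later than everything else.
        "newer_than_other_files": bool(others) and hit.stat().st_mtime > max(others),
    }

def build_sample(root, infected):
    """Constructed sample volume (not data from the thread)."""
    root = Path(root)
    month_ago = time.time() - 30 * 86400
    for name in ("game.pkg", "readme.txt"):
        (root / name).write_text("constructed sample")
        os.utime(root / name, (month_ago, month_ago))
    if infected:  # hypothetical contents; loader.exe is a made-up name
        (root / "AUTORUN.INF").write_text(
            "; padding\n[AutoRun]\nopen=loader.exe\n"
            "shell\\open\\command=loader.exe\nicon=folder.ico\n")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(inspect_volume(build_sample(tmp, infected=True)))
```

File timestamps can be rewritten by whatever wrote the file, so a later date is a hint about when the drive was modified, not proof.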
     
  5. shakirmoledina

    Member shakirmoledina Legend

    Joined:
    Oct 23, 2004
    Messages:
    6,611
    Location:
    Dar es Salaam
    Country:
    Tanzania
    i shouldn't say this but the person's a pirater (most probably) so it serves us right
    what are the chances that something like this can happen? avast says 1/8 attacks come from a usb device... usb are always risky as more experienced people will tell you
     
  6. Law

    Member Law rip ninjacat that zarcon made me

    Joined:
    Aug 14, 2007
    Messages:
    4,132
    Location:
    jerkland
    Country:
    United Kingdom
    solution: don't put usb keys random people on the street give you into your windows box
     
  7. Another World

    Former Staff Another World Emulate the Planet!

    Joined:
    Jan 3, 2008
    Messages:
    10,476
    Location:
    From Where???
    Country:
    Colombia
    my acekard rpg shipped from dealextreme with a usb virus on it. news had been going around that this was happening to a few users who purchased the rpg about 3 months before acekard stopped selling it for good. the rpg came with software already installed and each user who i talked to back then ordered it from dealextreme. this type of stuff happens and i'm sure the virus wasn't placed there on purpose.

    -another world
     
  8. Rydian
    OP

    They infect the computers they're attached to as well, which then infect any other drive plugged in.

    They usually run rampant in school systems, where people are constantly plugging drives in. One person's drive has an infection, and it quickly spreads to other drives and then other computers.
     
  9. Law

    As long as you don't plug it into your own windows box though you should be fine (school computers are terrible anyway).
     
  10. Rydian
    OP

    I go into class and sit down to a less-than-a-month-old lenovo desktop with a core i5 and windows 7 with admin rights.

    The guy in front of me likes to play half-life: source between classes.
     
  11. Law

    terrible in the sense that another virus won't really hurt it if the network is as bad as you say when it comes to viruses.

    also: half life source? really? I don't see why you had to mention that when trying to point out why the computers aren't terrible spec-wise. "Oh hey and they can run this game that's on this engine that you can run on 10 year old hardware"
     
  12. indask8

    Member indask8 New Member Forever

    Joined:
    Apr 19, 2007
    Messages:
    987
    Location:
    Look at the Flag...
    Country:
    France
    I have one P3GO, mine wasn't infected at all when I bought it.

    This is either the user computer which infected it or the reseller...

    Anyway, any windows users should disable autorun on usb drives as soon as windows is installed on their system (if you use linux or mac os, ignore this, you have the best built in antivirus of the world ^^).

    And as someone is saying on another forum:

     
  13. prowler

    Member prowler Sony

    Joined:
    Jul 14, 2009
    Messages:
    9,473
    Location:
    Ragol
    Country:
    United Kingdom
    It's not that they have the best AV in the world, it's that there aren't many viruses for the OS.
     
  14. indask8

    I know, what I said was a "metaphor".
     
  15. Rydian
    OP

    My point was it depends on the school system. I've never even heard of an infection going through ours, for example... but if you go down to middle and high schools they run rampant.
     
  16. Sir-Fritz

    Member Sir-Fritz GBAtemp Maniac

    Joined:
    May 4, 2008
    Messages:
    1,336
    Location:
    Brisbane, Australia
    Country:
    Australia
    Exaggeration much, you can't run source on 10 year old hardware.
     
  17. Law

    Half Life 2 (which runs on the source engine) was released in 2004. It is highly likely that you would have been able to run Half Life 2 with 4 year old hardware.

    I remember running HL2 on a GeForce4 MX 440 (64MB), and that was released in 2002 (and was low-end).
     
  18. mercluke

    Member mercluke

    Joined:
    Dec 2, 2007
    Messages:
    3,161
    Location:
    Perth
    Country:
    Australia
    I remember buying a gba clone on dx and having it ship with a trojan
     
  19. Costello

    Administrator Costello Headmaster

    Joined:
    Oct 24, 2002
    Messages:
    12,030
    you have to understand that most computers in china run Internet Explorer 6, because all the corporate websites are coded for IE 6 only.
    I've used 3 different banks here, their websites can only be used in IE6: they use ActiveX plugins for "security" and when I try using them in IE7 or IE8 the browser crashes. Nearly everyone's computer still uses IE6.
    Also, people use pirated versions of windows XP with updates disabled, often not running the latest service pack.
    They don't understand problems, when something comes up they just use a GHOST image of the system and restore it to default.
    I've seen this happen sooooo many times (i work at a university, teaching programming)

    It does not surprise me in the least that USB drives ship with a virus on them. The autorun thingy on windows is the stupidest/most dangerous feature I can think of, so it's usually the first thing I disable when I set up windows.
     
  20. Gman 101

    Member Gman 101 GBAtemp Fan

    Joined:
    Sep 7, 2007
    Messages:
    438
    Location:
    Karkand & Mashtuur City
    Country:
    Australia
    Solution: Get Windows 7

    Autorun does not work unless done by disc media such as CDs and DVDs.

    Simple.
     
