[HN Gopher] Newly discovered Vigilante malware outs software pir...
___________________________________________________________________
Newly discovered Vigilante malware outs software pirates and blocks them

Author : pseudolus
Score : 94 points
Date : 2021-06-19 10:13 UTC (12 hours ago)

(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)

| jchristian- wrote:
| Anyone has the list of sites blocked by Vigilante? For research purposes.

| bserge wrote:
| I am against piracy on principle. All of my employers know how hard I work to protect their IP.

| gjsman-1000 wrote:
| What principle might that be?

| [deleted]

| bserge wrote:
| IP is incredibly important and we must all protect it at all cost. My wage and health are nothing compared to the employers' properties and wealth. I would die for them.

| andrewzah wrote:
| Then don't buy media. But don't pirate it either.
|
| Media takes money and lots of man-hours of people working in order to produce things. They, too, need to get paid, regardless of whatever principles you hold personally.
|
| edit: kindly stop shadow-editing comments. Your comment is completely different now from the one that I replied to.

| slim wrote:
| It seems this person will be happy if the whole entertainment industry disappeared

| bserge wrote:
| In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move.

| bserge wrote:
| Indeed, the media companies deserve their money. The artists should be grateful for the opportunity to become famous even if they don't make that much money and we should all pay to see the same Marvel movie rewritten 10 times. Nothing better exists in this world.

| andrewzah wrote:
| That is not what I was discussing at all.
|
| You can justify it to yourself however you want, but normal people, like you and I, work on movies, books, games, etc. Like us, they also need to get paid. It is entitlement to not want to pay for their work yet still consume it, and it's also dismissive of the huge amount of work that actually goes into the production of media.
|
| edit: kindly stop completely changing your comments with shadow-edits.

| ganzuul wrote:
| I will die with a smug grin on my face that I did not waste time watching ads on TV since I was 22 or so.

| andrewzah wrote:
| Note: the original comment was akin to "I refuse to pay for media on principle". bserge has shadow-edited several comments in this chain from what they were originally.

| zahrc wrote:
| I've been sailing the high seas of illegal downloading since I can remember. Back in the days simply because I couldn't afford it or wasn't allowed to buy it. Nowadays it's only TV shows.
|
| Anyway, writing something to a HOST file is not that incredible... regarding the motive, that might as well be a troll, or an attempt to drive traffic to private trackers.

| f6v wrote:
| Calling it "Vigilante" is a stretch.

| ArkanExplorer wrote:
| It's bamboozling that in this new age of 'deplatforming', that video and game entertainment companies have not pushed ISPs, nations, or tech companies harder to deplatform torrent sites. It would yield pretty major benefits for minor effort.
|
| It's also strange that people are willing to spend $thousands on a gaming PC, and then risk their entire device to malware just to save a couple bucks on games.

| chucka9 wrote:
| Saving money is not the only reason to pirate content.
|
| Some things aren't available in my region and never will be (as they are 20+ years old).
|
| Some things are presented via a crap app, in dubious formats or with truly horrible DRM. I pirate plenty of shows that I have legal access to or own.

| pftburger wrote:
| The way I see it piracy is mostly a UX problem.
|
| Often the UX of pirating a thing is easier than legally acquiring it.
|
| Maybe not true for AAA games, but def true for most movies/series.
|
| If you're outside of the US, often a lot of content isn't even available because of shitty geo licensing

| andrewzah wrote:
| > If you're outside of the US, often a lot of content isn't even available because of shitty geo licensing
|
| This is one case where I understand people pirating. I watch some shows from other countries that simply are not published in the US or aren't for sale at all. And sometimes if they are available, certain elements are changed due to copyright reasons so it's not exactly the same.
|
| Another reason would be horrible DRM. Again, I wouldn't recommend pirating based on that, but I do understand it. Pirated content doesn't have DRM dictating when, where, or what time(s) I can view the damn thing I paid money for. I also find it fine if someone buys a DRM-locked product, then pirates the same thing to avoid dealing with the DRM.

| gjsman-1000 wrote:
| When developers complain about the walled garden, something that they often forget to factor in is how hard piracy is on iOS and other locked down devices. If iOS was open, how much of a revenue drop would developers receive? I don't know what it is, but it is not like the devs are going to get 25% more money by bypassing Apple's commission.
|
| If you open the iPhone, yay, you don't pay the Apple tax, but now you've got piracy that wasn't there. You replaced Apple tax with Pirate tax.
|
| For the record, I still support unlocking iPhones and other such devices. I'm just in doubt that removing Apple 30% cut = 25% more money after credit card fees. Maybe 5-10% more money if any?
|
| If I was a smaller developer making less than a million a year and only paying the 15% commission (or 10% after credit cards) I might find myself wanting Epic and other unlock attempts to fail, for fear the pirates will be worse than Apple's cut.

| slim wrote:
| Apple is grooming high value consumers. If your product targets those consumers, piracy does not matter, because they are well behaved carefully selected to buy your product at a price point that makes your product profitable even with the Apple cut. It's the living proof that you can pay for your product and still be the product and be happy about it.

| enraged_camel wrote:
| I think this analysis is fairly shallow. A lot of people pirate things not because they cannot afford the actual thing, but because they _can_.
|
| Furthermore, over the years the percentage of paid apps on the App Store has decreased. What this means is that the opposite of what you claim is true: iOS users have been trained to prefer free things.

| michaelmrose wrote:
| Seems like it would be a fun project to find the culprit and see if they can be prosecuted unlike most of the people downloading such files considering only their actions are in fact criminal vs civil.

| rozab wrote:
| >Padding it out with racist slurs told me all I needed to know about its creator.
|
| Clearly that is the intent. These companies have no shame. Remember Sony's response to their rootkit being discovered? https://en.m.wikipedia.org/wiki/Sony_BMG_copy_protection_roo...

| chucka9 wrote:
| > These companies have no shame.
|
| Do you think this was backed by companies? It seems reasonable to suspect it, but it's an issue radioactive now so won't be easy to find out.

| cortesoft wrote:
| If it was backed by companies, it would probably be funded by a 'trade group' funded by the companies, to have three layers of indirection to protect themselves.

| perihelions wrote:
| The fraud on the FCC's public comment process is an object lesson. The fraud itself (fake FCC comments under false and stolen identities) was committed by social media consultants with names like "Fluent"*, "Opt-Intelligence", and "React2Media". They were in turn hired by the trade group "Broadband for America", with contractual language that keeps BfA at arm's length from the crimes. BfA in turn is a separate entity from the large ISPs that fund and direct it -- the biggest ones being Comcast, Charter, and AT&T. Two levels of indirection.
|
| *(Unrelated to the CFD software, obviously)
|
| This was the stuff the New York AG investigation unraveled:
|
| https://ag.ny.gov/press-release/2021/attorney-general-james-...
|
| https://arstechnica.com/tech-policy/2021/05/biggest-isps-pai...
|
| (From _Ars_: "With broadband companies having used third-party vendors to conduct the campaign, the AG said it found no evidence that ISPs themselves "had direct knowledge" of the fraudulent behavior.")

| na85 wrote:
| >Do you think this was backed by companies?
|
| Frankly I'd be shocked if it wasn't.

| marcosdumay wrote:
| There are all kinds of crazy people out there. There could easily be somebody with a burning desire to fight IP piracy.

| bitwize wrote:
| I think it was commissioned by a company and written by a teen or twentysomething jerk. Raising hackles by throwing N-words around is a favorite pastime of young assholes. Don't think that because 4chan cracked down on that sort of thing that it doesn't still go on in certain communities.

| devenblake wrote:
| 4chan might've cracked down on the racism, like, a decade ago, in the moot era. Have you been there lately? /pol/ took over and basically homogenized every board.

| edgyquant wrote:
| If 4chan cracked down on racism they did the worst job I could possibly imagine. You can't even go to the fit or tv boards without running into literal, unapologetic, white supremacist views.

| devenblake wrote:
| 8chan _if I recall_ formed because 4chan did away with /pol/ way way back for being too toxic to the rest of the site (it's meant to contain the scum, not breed it). 4chan eventually re-added /pol/, and 8chan, well, you know the rest there.

| xupybd wrote:
| Perhaps an attempt at connecting anti-piracy with racism?
|
| It seems very strange.

| azinman2 wrote:
| I'm not seeing the connection between Sony and racial slurs. In fact, especially without knowing what racial slur this is, it tells me very little about the creator's intent.

| DangitBobby wrote:
| They are saying the slurs could be intended to throw you off of the corporate scent and should be discarded as any evidence one way or the other who commissioned the creation.

| tedunangst wrote:
| It seems like most people are saying that all evidence found and all evidence not found should be interpreted to prove Sony or the MPAA or whoever is responsible. Evidence they didn't is fake and proof they did. Absence of evidence is proof of a coverup.

| edgyquant wrote:
| Sounds like your typical conspiracy theory.

| rozab wrote:
| The point is Sony continued to deny the existence of the rootkit for years, despite overwhelming evidence. If this malware was commissioned by the MPAA or something, I think they would have no issue with telling whatever morally dubious firm they hired to make it look like it came from stereotypical hacker types. They know that security blogs love to make conclusions on the origins of malware based on strings that could be trivially obscured.

| Nicksil wrote:
| https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootk...

| anoncow wrote:
| Are people still pirating software? Apart from kids trying out software, people from countries where the product is not officially available or is exorbitantly priced as compared to their purchasing power, I doubt there is a reason to pirate. Most tools have alternatives available or an easy on the pocket subscription plan (Adobe is an exception, subscription plans should not come with a lock-in, no matter how you justify it).

| f6v wrote:
| > or is exorbitantly priced as compared to their purchasing power, I doubt there is a reason to pirate.
|
| I don't think it's an overstatement to say that hundreds of millions of people can't afford an 80 EUR/USD game.

| andrewzah wrote:
| Then don't buy it.
|
| Right now, I can't afford to buy a classic '60s Gibson guitar. That doesn't give me the license to go out and steal one, -because I want one-.
|
| If modern AAA games are too much at $80, then don't buy them. There are significantly cheaper alternatives on PC, as well as the possibility of waiting for deals or buying used. High prices don't justify pirating.

| retrac wrote:
| A better analogy would be making yourself an exact duplicate of a Gibson guitar, at home with a 3D printer. I'm not sure that should be illegal, at least if you take the trademark off it.

| knz_ wrote:
| I pirate everything. Honestly, the only things I don't pirate are like 1-2 games a year that me and some friends end up playing together. For software I generally just run whatever FOSS thing I can find, and in the case of movies and music I have never spent a cent on them in my life. I've been pirating since I started using a computer.
|
| The same rich people trying to sell predatory subscriptions and vendor lock-in are the same ones trying to raise my rent and food bill every year, so I have no incentive to give them money for pointless entertainment on top of that.

| andrewzah wrote:
| You realize that actual people work on those things that you pirate, right? That those people also need to get paid so they can have food on the table? It's one thing to not buy any media at all, but it's contradictory to enjoy media produced by people and then not want to pay them. Their work isn't less valuable because it's related to media production instead of engineering or whatever.

| NikolaNovak wrote:
| "If I don't have to pay for it then their work was objectively unproductive. It's an inherent failure of market economics"
|
| I feel I'm reading Deepak Chopra - individual words are fine and you'd swear sentence should make sense... But it doesn't, no matter how many times you read it.
|
| Not paying for something makes it unproductive? And you don't feel there are easy trivial immediate counter-examples for your axiom with big-boy words?

| andrewzah wrote:
| I'm not sure what you've quoted, because that is -not- what I said.
|
| People should be paid for their work. Pirating doesn't pay them for their work. Work includes art and media. I'm not sure how I can state this more simply.
|
| I'm not sure why this is even a complicated topic. With literally everything else, if you want something, you need to pay to acquire it because it took time and resources to make. That doesn't go away just because the end product is digital.

| knz_ wrote:
| > You realize that actual people work on those things that you pirate, right?
|
| I don't care.
|
| > Their work isn't less valuable because it's related to media production instead of engineering or whatever.
|
| If I don't have to pay for it then their work was objectively unproductive. It's an inherent failure of market economics.

| pault wrote:
| It's not as if you're obligated to buy their products, therefore need to find a less expensive workaround. If you don't like the people producing them and think they're overpriced, play Dwarf Fortress or watch TV. There are some obviously valid reasons for pirating, but I don't understand this sense of entitlement.

| bellyfullofbac wrote:
| Funny how you try to justify it. I also pirate, but I know I'm a thieving cheap bastard...

| NikolaNovak wrote:
| Many people have pirated; includes myself when I was a teenager in developing country. I don't pirate now as it's worth neither risk nor time but I can't claim some weird moral high ground - it's a complex issue with nuances and circumstances.
|
| But I still find it intriguing when I see rambling half baked internally self-contradictory attempts at moral justification - do you believe what you said there? Do you even know what you said there? Cause I'm having a hard time following - Food has inflation therefore I'll pirate movies even though they're pointless, and this is just and right?
|
| It takes minimal amount of empathy and observation to notice hard work talented creative people put into "pointless entertainment", so just like I don't buy the notion that every pirate is evil sociopathic villain, so I don't buy notion that watching entertainment for free is inherent right and creators don't deserve any compensation ever. If anything, this type of incoherence and self righteousness feeds exactly the stereotype MPAA / RIAA try to portray...

| ratsforhorses wrote:
| I agree, but would it be agreeable and right if one was to have a free but lower quality version (smaller screen, shortened game, program with fewer options) allowing eyeballs and consumers to best gauge a product's quality and thereby validate paying for integral or physical product (licenced/dvd/etc) rather than have a moralistic black and white view (generally held) of pirating bad, paying good (I certainly don't mean you in this case and am just trying to point to a middle way).

| underseacables wrote:
| Adobe products are really the only software I advocate pirating. There's a lot of great software out there and we should pay for it, but some companies have just turned to greed and screwing over customers.

| bscphil wrote:
| Just the other day, I was talking about the difficulty of monetizing an app I wanted to build with my partner. We agreed that the app had an extremely small target audience - university types for whom the app would provide hundreds of dollars of value a year (paid out of their grants, not their salary). The problem is that absolutely no one pays >= $100 for a phone app.
|
| Adobe was in the same situation years ago. It provided products generating thousands of dollars in value a year for professionals and the corporate world. Photoshop CS6 cost $700, the version of it for "students" $250. This put it well out of the budget range of most ordinary people. Photoshop was built for a relatively small target audience. You might argue that piracy was the normal, expected solution to this. The "real" customers were supposed to pay for it. Either way, this generated a lot of ill will toward Adobe and turned pirating Photoshop into a bit of a meme.
|
| That changed when Adobe realized you could nickel and dime people out of the same amount of money in the long run. The photography subscription (Photoshop + Lightroom) costs $720 over six years. Given that Adobe offered upgrade promotions (e.g. CS5 to CS6) for about half off, it's roughly the same price as it was before. This approach makes it much more palatable to the average consumer (for the same reason that people are willing to buy sofas on payment plans). The only people this pisses off are a handful of hardcore users who expect to "own" all the software they use, but probably not the corporate world which is used to paying subscriptions. It almost certainly makes them far more money through making the software available to those who can't (or won't) pay the one-time price.

| hyperman1 wrote:
| Pirating Adobe tools = training people in their usage. Their job will then pay for Adobe, as they already know it. If you want to hurt Adobe, advocate not pirating them and point users to alternatives

| andrewzah wrote:
| There are cheaper alternatives, such as Affinity Designer, Sketch, etc, depending on your use case. As others have mentioned, even if you pirate Adobe, by using their products you reinforce the influence Adobe has.
|
| Now as far as I know, there aren't any -good- film editing alternatives that are free. I have tried a fair few open source alternatives and they are pitiful compared to Adobe Premiere. So while I can't recommend pirating, if you're a film student... I can understand it. It's how the industry is, sadly.

| stordoff wrote:
| > there aren't any -good- film editing alternatives that are free
|
| I've only used it for fairly basic work, but DaVinci Resolve[1] seems pretty good. Not open source, but the free version is licenced for commercial use and AFAICT it seems to have a fairly complete feature set. I suspect it would be sufficient for many use cases.
|
| [1] https://www.blackmagicdesign.com/uk/products/davinciresolve/...

| caslon wrote:
| Is there a prediction market going for whether the MPAA is eventually found to be behind this?

| tyingq wrote:
| _"When viewed through a hex editor, the executables also contain a racial epithet that's repeated more than 1,000 times followed by a large, randomly sized block of alphabetical characters."_
|
| Seems like it wouldn't be a good look for them if so.

| caslon wrote:
| Has the MPAA ever been particularly prone to acting ethically? Throwing in some slurs to throw people off their trail seems very much like something they would do.
|
| _The MPAA itself has been accused of copyright infringement on multiple occasions. In 2007, the creator of a blogging platform called Forest Blog accused the MPAA of violating the license for the platform, which required that users link back to the Forest Blog website. The MPAA had used the platform for its own blog, but without linking back to the Forest Blog website. The MPAA subsequently took the blog offline, and explained that the software had been used on a test basis and the blog had never been publicized.[121][122]
|
| Also in 2007, the MPAA released a software toolkit for universities to help identify cases of file sharing on campus. The software used parts of the Ubuntu Linux distribution, released under the General Public License, which stipulates that the source code of any projects using the distribution be made available to third parties. The source code for the MPAA's toolkit, however, was not made available. When the MPAA was made aware of the violation, the software toolkit was removed from their website.[123]
|
| In 2006, the MPAA admitted having made illegal copies of This Film Is Not Yet Rated (a documentary exploring the MPAA itself and the history of its rating system)[124] -- an act which Ars Technica explicitly described as hypocrisy[125] and which Roger Ebert called "rich irony".[126]_

| opheliate wrote:
| Could also be a rival torrent site? I haven't seen the full altered hosts file, but from the screenshots it would appear only TPB/proxies are listed. I can see a lot of people finding that they can't access TPB and thinking, oh, I'll use (e.g:) 1337x instead.

| vsareto wrote:
| lmfao. Imagine being good enough to code malware that does this and wasting your efforts on something like this.
|
| Look, if you have skills like these, you're special. Don't fucking waste it on building malware for corporate asshats.

| tyingq wrote:
| It doesn't sound like particularly clever malware to me. It sends a filename to some logging service, then opens the Windows hosts file and adds some lines to it. And it's only run because the downloader thinks it's some pirated software or keygen.
|
| Not to say there aren't some folks wasting time on more clever malware.

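A defender-side check for the behaviour discussed in this thread (lines added to the Windows hosts file), as an added example that is not part of the original thread or the linked article. It assumes blocking entries point names at a loopback or unspecified address, the usual way a hosts file is used to block a site; the function names, file contents and `.example` domains are constructed for illustration.

```python
import ipaddress

# Names a stock system maps to loopback; these are not blocks.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                "ip6-loopback", "broadcasthost"}

# Constructed sample: known-good copy of the file (e.g. from a backup).
SAMPLE_BASELINE = """\
# constructed sample
127.0.0.1 localhost
::1 localhost
0.0.0.0 ads.example
"""

# Constructed sample: the same file after unwanted lines were appended.
SAMPLE_CURRENT = """\
# constructed sample
127.0.0.1 localhost
::1 localhost
0.0.0.0 ads.example
10.0.0.5 intranet.corp.example   # legitimate pin, not a block
127.0.0.1 tracker-one.example www.tracker-one.example
0.0.0.0 Mirror.Tracker-Two.example.
not-an-ip broken.example
127.0.0.1
"""


def parse_hosts(text):
    """Yield (line_no, ip, names) for each well-formed mapping line."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # strip comments
        fields = line.split()
        if len(fields) < 2:                      # blank, or address with no name
            continue
        try:
            ip = ipaddress.ip_address(fields[0].split("%", 1)[0])
        except ValueError:                       # first field is not an address
            continue
        # Hostnames are case-insensitive; a trailing dot is the same name.
        yield line_no, ip, [n.lower().rstrip(".") for n in fields[1:]]


def find_blackholed(text):
    """Return (line_no, name, ip) for names sent to loopback or 0.0.0.0/::."""
    hits = []
    for line_no, ip, names in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            hits += [(line_no, n, str(ip)) for n in names
                     if n not in BENIGN_NAMES]
    return hits


def added_blocks(baseline_text, current_text):
    """Blackholed names present now but absent from the known-good copy."""
    known = {name for _, name, _ in find_blackholed(baseline_text)}
    return [hit for hit in find_blackholed(current_text) if hit[1] not in known]


if __name__ == "__main__":
    # On Windows the live file is C:\Windows\System32\drivers\etc\hosts.
    for line_no, name, ip in added_blocks(SAMPLE_BASELINE, SAMPLE_CURRENT):
        print(f"line {line_no}: {name} -> {ip} (not in baseline)")
```
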
| Frost1x wrote:
| This is definitely no Stuxnet or even remotely close. In fact, it's not even a very new strategy, themes of this have been done several times to varying degrees of sophistication.

| vsareto wrote:
| That's what I mean. The bar is pretty low, and yet someone chose to go _even lower_.

| rsgrn wrote:
| So if you have these skills or interests, what should you do with them?

| vsareto wrote:
| Blue team at companies
|
| Red team at pentest companies
|
| Law enforcement
|
| Just about any level of effort will be better spent than going after software pirates, even if you end up only doing entry level jobs. Throw a dart blindfolded and you'll probably end up better than this.

| anoncow wrote:
| Better that they sell their souls to corporates the usual way.

| contravariant wrote:
| Violating people's computers directly isn't better in any way shape or form.

| fr2null wrote:
| These skills are not that special. As far as I understand it, there are no exploits being used and editing the hosts file is not particularly hard. I expect that the executable is voluntarily run by the user, since the user expects to run a real application/installer anyways.

| vsareto wrote:
| >These skills are not that special.
|
| If you can do this, you can learn more advanced stuff. Society has bigger problems than getting some free software, and it's not just a lesser problem - it's scraping the bottom of the barrel of justice.
|
| If someone needed to write this to pay bills, I get it, but they should immediately take this and use it to get a better job.

| somethingwitty1 wrote:
| I'm going to agree with the others here, this doesn't sound very complicated at all. This is week 1/2 of many programming courses: basic network request, write to a file and fill your app with a bunch of text. For many languages, this is often their intro tutorial. I wouldn't use this as an example that the person can do more advanced stuff.
|
| But I do agree with your sentiment, people doing things like this should apply their talents to better causes.

| Jimmc414 wrote:
| The irony is that by adding these 82 pirate sites to the hosts file and having this action publicized, the malware writers are inadvertently promoting a list of 82 sites where users can download pirated software.
|
| https://en.wikipedia.org/wiki/Streisand_effect

| eric__cartman wrote:
| I would take that as a list of 82 sites to avoid when looking for pirated software.

| judge2020 wrote:
| It's mainly a list of pirate bay sites and proxies. Why would their inclusion in this blocklist be a reason to avoid them?

| underseacables wrote:
| The main take away I get from this is... a list of torrent sites.

| bluefirebrand wrote:
| All of them are honeypots nowadays though

| afrcnc wrote:
| These reports are so misleading. This is junk malware uploaded on VirusTotal, not something seen in the wild.

| chayleaf wrote:
| My friend did catch it (or a similar virus), so it can be seen in the wild indeed
|
| No it's not me, I don't even play games that much

___________________________________________________________________
(page generated 2021-06-19 23:00 UTC)