[HN Gopher] Newly discovered Vigilante malware outs software pir...
___________________________________________________________________
Newly discovered Vigilante malware outs software pirates and blocks
them
Author : pseudolus
Score : 94 points
Date : 2021-06-19 10:13 UTC (12 hours ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| jchristian- wrote:
| Anyone has the list of sites blocked by Vigilante? For research
| purposes.
| bserge wrote:
| I am against piracy on principle. All of my employers know how
| hard I work to protect their IP.
| gjsman-1000 wrote:
| What principle might that be?
| [deleted]
| bserge wrote:
| IP is incredibly important and we must all protect it at all
| cost. My wage and health are nothing compared to the
| employers' properties and wealth. I would die for them.
| andrewzah wrote:
| Then don't buy media. But don't pirate it either.
|
| Media takes money and lots of man-hours of people working
| in order to produce things. They, too, need to get paid,
| regardless of whatever principles you hold personally.
|
| edit: kindly stop shadow-editing comments. Your comment is
| completely different now from the one that I replied to.
| slim wrote:
| It seems this person will be happy if the whole
| entertainment industry disappeared
| bserge wrote:
| In the beginning the Universe was created. This has made
| a lot of people very angry and been widely regarded as a
| bad move.
| bserge wrote:
| Indeed, the media companies deserve their money. The
| artists should be grateful for the opportunity to become
| famous even if they don't make that much money and we
| should all pay to see the same Marvel movie rewritten 10
| times. Nothing better exists in this world.
| andrewzah wrote:
| That is not what I was discussing at all.
|
| You can justify it to yourself however you want, but
| normal people, like you and I, work on movies, books,
| games, etc. Like us, they also need to get paid. It is
| entitlement to not want to pay for their work yet still
| consume it, and it's also dismissive of the huge amount
| of work that actually goes into the production of media.
|
| edit: kindly stop completely changing your comments with
| shadow-edits.
| ganzuul wrote:
| I will die with a smug grin on my face that I did not waste
| time watching ads on TV since I was 22 or so.
| andrewzah wrote:
| Note: the original comment was akin to "I refuse to pay for
| media on principle". bserge has shadow-edited several comments
| in this chain from what they were originally.
| zahrc wrote:
| I've been sailing the high seas of illegal downloading since I
| can remember. Back in the days simply because I couldn't afford
| it or wasn't allowed to buy it. Nowadays it's only TV shows.
|
| Anyway, writing something to a HOST file is not that
| incredible... regarding the motive, that might as well be a
| troll, or an attempt to drive traffic to private trackers.
| f6v wrote:
| Calling it "Vigilante" is a stretch.
| ArkanExplorer wrote:
| It's bamboozling that in this new age of 'deplatforming', that
| video and game entertainment companies have not pushed ISPs,
| nations, or tech companies harder to deplatform torrent sites. It
| would yield pretty major benefits for minor effort.
|
| It's also strange that people are willing to spend $thousands on a
| gaming PC, and then risk their entire device to malware just to
| save a couple bucks on games.
| chucka9 wrote:
| Saving money is not the only reason to pirate content.
|
| Some things aren't available in my region and never will be (as
| they are 20+ years old).
|
| Some things are presented via a crap app, in dubious formats or
| with truly horrible DRM. I pirate plenty of shows that I have
| legal access to or own.
| pftburger wrote:
| The way I see it piracy is mostly a UX problem.
|
| Often the UX of pirating a thing is easier than legally
| acquiring it.
|
| Maybe not true for AAA games, but def true for most
| movies/series.
|
| If you're outside of the US, often a lot of content isn't even
| available because of shitty geo licensing
| andrewzah wrote:
| > If you're outside of the US, often a lot of content isn't
| even available because of shitty geo licensing
|
| This is one case where I understand people pirating. I
| watch some shows from other countries that simply are not
| published in the US or aren't for sale at all. And
| sometimes if they are available, certain elements are
| changed due to copyright reasons so it's not exactly the
| same.
|
| Another reason would be horrible DRM. Again, I wouldn't
| recommend pirating based on that, but I do understand it.
| Pirated content doesn't have DRM dictating when, where, or
| what time(s) I can view the damn thing I paid money for. I
| also find it fine if someone buys a DRM-locked product,
| then pirates the same thing to avoid dealing with the DRM.
| gjsman-1000 wrote:
| When developers complain about the walled garden, something that
| they often forget to factor in is how hard piracy is on iOS and
| other locked down devices. If iOS was open, how much of a revenue
| drop would developers receive? I don't know what it is, but it is
| not like the devs are going to get 25% more money by bypassing
| Apple's commission.
|
| If you open the iPhone, yay, you don't pay the Apple tax, but now
| you've got piracy that wasn't there. You replaced Apple tax with
| Pirate tax.
|
| For the record, I still support unlocking iPhones and other such
| devices. I'm just in doubt that removing Apple 30% cut = 25% more
| money after credit card fees. Maybe 5-10% more money if any?
|
| If I was a smaller developer making less than a million a year
| and only paying the 15% commission (or 10% after credit cards) I
| might find myself wanting Epic and other unlock attempts to fail,
| for fear the pirates will be worse than Apple's cut.
| slim wrote:
| Apple is grooming high value consumers. If your product targets
| those consumers, piracy does not matter, because they are well
| behaved carefully selected to buy your product at a price point
| that makes your product profitable even with the apple cut.
| It's the living proof that you can pay for your product and
| still be the product and be happy about it.
| enraged_camel wrote:
| I think this analysis is fairly shallow. A lot of people
| pirate things not because they cannot afford the actual
| thing, but because they _can_.
|
| Furthermore, over the years the percentage of paid apps on
| the App Store has decreased. What this means is that the
| opposite of what you claim is true: iOS users have been
| trained to prefer free things.
| michaelmrose wrote:
| Seems like it would be a fun project to find the culprit and see
| if they can be prosecuted unlike most of the people downloading
| such files considering only their actions are in fact criminal vs
| civil.
| rozab wrote:
| >Padding it out with racist slurs told me all I needed to know
| about its creator.
|
| Clearly that is the intent. These companies have no shame.
| Remember Sony's response to their rootkit being discovered?
| https://en.m.wikipedia.org/wiki/Sony_BMG_copy_protection_roo...
| chucka9 wrote:
| > These companies have no shame.
|
| Do you think this was backed by companies? It seems reasonable
| to suspect it, but it's a radioactive issue now so won't be
| easy to find out.
| cortesoft wrote:
| If it was backed by companies, it would probably be funded by
| a 'trade group' funded by the companies, to have three layers
| of indirection to protect themselves.
| perihelions wrote:
| The fraud on the FCC's public comment process is an object
| lesson. The fraud itself (fake FCC comments under false and
| stolen identities) was committed by social media
| consultants with names like "Fluent"*, "Opt-Intelligence",
| and "React2Media". They were in turn hired by the trade
| group "Broadband for America", with contractual language
| that keeps BfA at arm's length from the crimes. BfA in turn
| is a separate entity from the large ISPs that fund and
| direct it -- the biggest ones being Comcast, Charter, and
| AT&T. Two levels of indirection.
|
| *(Unrelated to the CFD software, obviously)
|
| This was the stuff the New York AG investigation unraveled:
|
| https://ag.ny.gov/press-release/2021/attorney-general-james-...
|
| https://arstechnica.com/tech-policy/2021/05/biggest-isps-pai...
|
| (From _Ars_ : "With broadband companies having used third-
| party vendors to conduct the campaign, the AG said it found
| no evidence that ISPs themselves "had direct knowledge" of
| the fraudulent behavior.")
| na85 wrote:
| >Do you think this was backed by companies?
|
| Frankly I'd be shocked if it wasn't.
| marcosdumay wrote:
| There are all kinds of crazy people out there. There could
| easily be somebody with a burning desire to fight IP
| piracy.
| bitwize wrote:
| I think it was commissioned by a company and written by a
| teen or twentysomething jerk. Raising hackles by throwing
| N-words around is a favorite pastime of young assholes. Don't
| think that because 4chan cracked down on that sort of thing
| that it doesn't still go on in certain communities.
| devenblake wrote:
| 4chan might've cracked down on the racism, like, a decade
| ago, in the moot era. Have you been there lately? /pol/
| took over and basically homogenized every board.
| edgyquant wrote:
| If 4chan cracked down on racism they did the worst job I
| could possibly imagine. You can't even go to the fit or
| tv boards without running into literal, unapologetic,
| white supremacist views.
| devenblake wrote:
| 8chan _if I recall_ formed because 4chan did away with
| /pol/ way way back for being too toxic to the rest of the
| site (it's meant to contain the scum, not breed it).
| 4chan eventually re-added /pol/, and 8chan, well, you
| know the rest there.
| xupybd wrote:
| Perhaps an attempt at connecting anti piracy with racism?
|
| It seems very strange.
| azinman2 wrote:
| I'm not seeing the connection between Sony and racial slurs. In
| fact, especially without knowing what racial slur this is, it
| tells me very little about the creator's intent.
| DangitBobby wrote:
| They are saying the slurs could be intended to throw you off
| of the corporate scent and should be discarded as any
| evidence one way or the other who commissioned the creation.
| tedunangst wrote:
| It seems like most people are saying that all evidence
| found and all evidence not found should be interpreted to
| prove Sony or the MPAA or whoever is responsible. Evidence
| they didn't is fake and proof they did. Absence of evidence
| is proof of a coverup.
| edgyquant wrote:
| Sounds like your typical conspiracy theory.
| rozab wrote:
| The point is Sony continued to deny the existence of the
| rootkit for years, despite overwhelming evidence. If this
| malware was commissioned by the MPAA or something, I think
| they would have no issue with telling whatever morally
| dubious firm they hired to make it look like it came from
| stereotypical hacker types. They know that security blogs
| love to make conclusions on the origins of malware based on
| strings that could be trivially obscured.
| Nicksil wrote:
| https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootk...
| anoncow wrote:
| Are people still pirating software? Apart from kids trying out
| software, people from countries where the product is not
| officially available or is exorbitantly priced as compared to
| their purchasing power, I doubt there is a reason to pirate. Most
| tools have alternatives available or an easy on the pocket
| subscription plan (Adobe is an exception, subscription plans
| should not come with a lock-in, no matter how you justify it).
| f6v wrote:
| > or is exorbitantly priced as compared to their purchasing
| power, I doubt there is a reason to pirate.
|
| I don't think it's an overstatement to say that hundreds of
| millions of people can't afford an 80 EUR/USD game.
| andrewzah wrote:
| Then don't buy it.
|
| Right now, I can't afford to buy a classic '60s gibson
| guitar. That doesn't give me the license to go out and steal
| one, -because I want one-.
|
| If modern AAA games are too much at $80, then don't buy them.
| There are significantly cheaper alternatives on PC, as well
| as the possibility of waiting for deals or buying used. High
| prices don't justify pirating.
| retrac wrote:
| A better analogy would be making yourself an exact
| duplicate of a Gibson guitar, at home with a 3D printer.
| I'm not sure that should be illegal, at least if you take
| the trademark off it.
| knz_ wrote:
| I pirate everything. Honestly, the only things I don't pirate
| are like 1-2 games a year that me and some friends end up
| playing together. For software I generally just run whatever
| FOSS thing I can find, and in the case of movies and music I
| have never spent a cent on them in my life. I've been pirating
| since I started using a computer.
|
| The same rich people trying to sell predatory subscriptions and
| vendor lock-in are the same ones trying to raise my rent and
| food bill every year, so I have no incentive to give them money
| for pointless entertainment on top of that.
| andrewzah wrote:
| You realize that actual people work on those things that you
| pirate, right? That those people also need to get paid so
| they can have food on the table? It's one thing to not buy
| any media at all, but it's contradictory to enjoy media
| produced by people and then not want to pay them. Their work
| isn't less valuable because it's related to media production
| instead of engineering or whatever.
| NikolaNovak wrote:
| "If I don't have to pay for it then their work was
| objectively unproductive. It's an inherent failure of
| market economics"
|
| I feel I'm reading Deepak Chopra - individual words are
| fine and you'd swear sentence should make sense... But it
| doesn't, no matter how many times you read it.
|
| Not paying for something makes it unproductive? And you
| don't feel there are easy trivial immediate counter-
| examples for your axiom with big-boy words?
| andrewzah wrote:
| I'm not sure what you've quoted, because that is -not-
| what I said.
|
| People should be paid for their work. Pirating doesn't
| pay them for their work. Work includes art and media. I'm
| not sure how I can state this more simply.
|
| I'm not sure why this is even a complicated topic. With
| literally everything else, if you want something, you
| need to pay to acquire it because it took time and
| resources to make. That doesn't go away just because the
| end product is digital.
| knz_ wrote:
| > You realize that actual people work on those things that
| you pirate, right?
|
| I don't care.
|
| > Their work isn't less valuable because it's related to
| media production instead of engineering or whatever.
|
| If I don't have to pay for it then their work was
| objectively unproductive. It's an inherent failure of
| market economics.
| pault wrote:
| It's not as if you're obligated to buy their products,
| therefore need to find a less expensive workaround. If you
| don't like the people producing them and think they're
| overpriced, play dwarf fortress or watch TV. There are some
| obviously valid reasons for pirating, but I don't understand
| this sense of entitlement.
| bellyfullofbac wrote:
| Funny how you try to justify it. I also pirate, but I know
| I'm a thieving cheap bastard...
| NikolaNovak wrote:
| Many people have pirated; includes myself when I was a
| teenager in a developing country. I don't pirate now as it's
| worth neither risk nor time but I can't claim some weird
| moral high ground - it's a complex issue with nuances and
| circumstances.
|
| But I still find it intriguing when I see rambling half baked
| internally self-contradictory attempts at moral justification
| - do you believe what you said there? Do you even know what
| you said there? Cause I'm having a hard time following - Food
| has inflation therefore I'll pirate movies even though
| they're pointless, and this is just and right?
|
| It takes minimal amount of empathy and observation to notice
| hard work talented creative people put into "pointless
| entertainment", so just like I don't buy the notion that
| every pirate is evil sociopathic villain, so I don't buy
| notion that watching entertainment for free is inherent right
| and creators don't deserve any compensation ever. If
| anything, this type of incoherence and self righteousness
| feeds exactly the stereotype mpaa / riaa try to portray...
| ratsforhorses wrote:
| I agree, but would it be agreeable and right if one was to
| have a free but lower quality version (smaller screen,
| shortened game, program with fewer options) allowing
| eyeballs and consumers to best gauge a product's quality and
| thereby validate paying for integral or physical product
| (licenced/dvd/etc) rather than have a moralistic black and
| white view (generally held) of pirating bad, paying good
| (I certainly don't mean you in this case and am just trying
| to point to a middle way..
| underseacables wrote:
| Adobe products are really the only software I advocate
| pirating. There's a lot of great software out there and we
| should pay for it, but some companies have just turned to greed
| and screwing over customers.
| bscphil wrote:
| Just the other day, I was talking about the difficulty of
| monetizing an app I wanted to build with my partner. We
| agreed that the app had an extremely small target audience -
| university types for whom the app would provide hundreds of
| dollars of value a year (paid out of their grants, not their
| salary). The problem is that absolutely no one pays >= $100
| for a phone app.
|
| Adobe was in the same situation years ago. It provided
| products generating thousands of dollars in value a year for
| professionals and the corporate world. Photoshop CS6 cost
| $700, the version of it for "students" $250. This put it well
| out of the budget range of most ordinary people. Photoshop
| was built for a relatively small target audience. You might
| argue that piracy was the normal, expected solution to this.
| The "real" customers were supposed to pay for it. Either way,
| this generated a lot of ill will toward Adobe and turned
| pirating Photoshop into a bit of a meme.
|
| That changed when Adobe realized you could nickel and dime
| people out of the same amount of money in the long run. The
| photography subscription (Photoshop + Lightroom) costs $720
| over six years. Given that Adobe offered upgrade promotions
| (e.g. CS5 to CS6) for about half off, it's roughly the same
| price as it was before. This approach makes it much more
| palatable to the average consumer (for the same reason that
| people are willing to buy sofas on payment plans). The only
| people this pisses off are a handful of hardcore users who
| expect to "own" all the software they use, but probably not
| the corporate world which is used to paying subscriptions. It
| almost certainly makes them far more money through making the
| software available to those who can't (or won't) pay the one-
| time price.
| hyperman1 wrote:
| Pirating Adobe tools = training people in their usage. Their
| job will then pay for Adobe, as they already know it. If you
| want to hurt Adobe, advocate not pirating them and point
| users to alternatives
| andrewzah wrote:
| There are cheaper alternatives, such as Affinity Designer,
| Sketch, etc, depending on your use case. As others have
| mentioned, even if you pirate adobe, by using their products
| you reinforce the influence adobe has.
|
| Now as far as I know, there aren't any -good- film editing
| alternatives that are free. I have tried a fair few open
| source alternatives and they are pitiful compared to adobe
| premiere. So while I can't recommend pirating, if you're a
| film student... I can understand it. It's how the industry
| is, sadly.
| stordoff wrote:
| > there aren't any -good- film editing alternatives that
| are free
|
| I've only used it for fairly basic work, but DaVinci
| Resolve[1] seems pretty good. Not open source, but the free
| version is licenced for commercial use and AFAICT it seems
| to have a fairly complete feature set. I suspect it would
| be sufficient for many use cases.
|
| [1] https://www.blackmagicdesign.com/uk/products/davinciresolve/...
| caslon wrote:
| Is there a prediction market going for whether the MPAA is
| eventually found to be behind this?
| tyingq wrote:
| _" When viewed through a hex editor, the executables also
| contain a racial epithet that's repeated more than 1,000 times
| followed by a large, randomly sized block of alphabetical
| characters."_
|
| Seems like it wouldn't be a good look for them if so.
| caslon wrote:
| Has the MPAA ever been particularly prone to acting
| ethically? Throwing in some slurs to throw people off their
| trail seems very much like something they would do.
|
| _The MPAA itself has been accused of copyright infringement
| on multiple occasions. In 2007, the creator of a blogging
| platform called Forest Blog accused the MPAA of violating the
| license for the platform, which required that users link back
| to the Forest Blog website. The MPAA had used the platform
| for its own blog, but without linking back to the Forest Blog
| website. The MPAA subsequently took the blog offline, and
| explained that the software had been used on a test basis and
| the blog had never been publicized.[121][122]
|
| Also in 2007, the MPAA released a software toolkit for
| universities to help identify cases of file sharing on
| campus. The software used parts of the Ubuntu Linux
| distribution, released under the General Public License,
| which stipulates that the source code of any projects using
| the distribution be made available to third parties. The
| source code for the MPAA's toolkit, however, was not made
| available. When the MPAA was made aware of the violation, the
| software toolkit was removed from their website.[123]
|
| In 2006, the MPAA admitted having made illegal copies of This
| Film Is Not Yet Rated (a documentary exploring the MPAA
| itself and the history of its rating system)[124] -- an act
| which Ars Technica explicitly described as hypocrisy[125] and
| which Roger Ebert called "rich irony".[126]_
| opheliate wrote:
| Could also be a rival torrent site? I haven't seen the full
| altered hosts file, but from the screenshots it would appear
| only TPB/proxies are listed. I can see a lot of people finding
| that they can't access TPB and thinking, oh, I'll use (e.g:)
| 1337x instead.
| vsareto wrote:
| lmfao. Imagine being good enough to code malware that does this
| and wasting your efforts on something like this.
|
| Look, if you have skills like these, you're special. Don't
| fucking waste it on building malware for corporate asshats.
| tyingq wrote:
| It doesn't sound like particularly clever malware to me. It
| sends a filename to some logging service, then opens the
| Windows hosts file and adds some lines to it. And it's only run
| because the downloader thinks it's some pirated software or
| keygen.
|
| Not to say there aren't some folks wasting time on more clever
| malware.
| Frost1x wrote:
| This is definitely no Stuxnet or even remotely close. In
| fact, it's not even a very new strategy, themes of this have
| been done several times to varying degrees of sophistication.
| vsareto wrote:
| That's what I mean. The bar is pretty low, and yet someone
| chose to go _even lower_.
| rsgrn wrote:
| So if you have these skills or interests, what should you do
| with them?
| vsareto wrote:
| Blue team at companies
|
| Red team at pentest companies
|
| Law enforcement
|
| Just about any level of effort will be better spent than
| going after software pirates, even if you end up only doing
| entry level jobs. Throw a dart blindfolded and you'll
| probably end up better than this.
| anoncow wrote:
| Better that they sell their souls to corporates the usual way.
| contravariant wrote:
| Violating people's computers directly isn't better in any way
| shape or form.
| fr2null wrote:
| These skills are not that special. As far as I understand it,
| there are no exploits being used and editing the hosts file is
| not particularly hard. I expect that the executable is
| voluntarily run by the user, since the user expects to run a real
| application/installer anyways.
| vsareto wrote:
| >These skills are not that special.
|
| If you can do this, you can learn more advanced stuff.
| Society has bigger problems than getting some free software,
| and it's not just a lesser problem - it's scraping the bottom
| of the barrel of justice.
|
| If someone needed to write this to pay bills, I get it, but
| they should immediately take this and use it to get a better
| job.
| somethingwitty1 wrote:
| I'm going to agree with the others here, this doesn't sound
| very complicated at all. This is week 1/2 of many
| programming courses: basic network request, write to a file
| and fill your app with a bunch of text. For many languages,
| this is often their intro tutorial. I wouldn't use this as
| an example that the person can do more advanced stuff.
|
| But I do agree with your sentiment, people doing things
| like this should apply their talents to better causes.
| Jimmc414 wrote:
| The irony is that by adding these 82 pirate sites to the hosts
| file and having this action publicized, the malware writers are
| inadvertently promoting a list of 82 sites where users can
| download pirated software.
|
| https://en.wikipedia.org/wiki/Streisand_effect
| eric__cartman wrote:
| I would take that as a list of 82 sites to avoid when looking
| for pirated software.
| judge2020 wrote:
| It's mainly a list of pirate bay sites and proxies. Why would
| their inclusion in this blocklist be a reason to avoid them?
| underseacables wrote:
| The main take away I get from this is ..a list of torrent sites.
| bluefirebrand wrote:
| All of them are honeypots nowadays though
| afrcnc wrote:
| These reports are so misleading. This is junk malware uploaded on
| VirusTotal, not something seen in the wild.
| chayleaf wrote:
| My friend did catch it (or a similar virus), so it can be seen
| in the wild indeed
|
| No it's not me, I don't even play games that much
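
An added example, not part of the thread or the linked article: several comments above describe the malware as appending lines to the Windows hosts file. The Python below audits a hosts file for such entries, assuming the block works by mapping hostnames to a loopback or unspecified address; the sample file, its `.example` hostnames and the `baseline` parameter are constructed for illustration.

```python
import ipaddress
import os

# Names a stock hosts file may legitimately map to loopback.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                "ip6-loopback", "broadcasthost"}

# Constructed sample: hostnames are placeholders, not taken from the malware.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
192.168.1.10    nas.home.example      # legitimate LAN override
127.0.0.1 tracker-one.example www.tracker-one.example
0.0.0.0 tracker-two.example   # appended entry
not-an-ip tracker-three.example
"""


def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each well-formed hosts entry."""
    # A leading BOM would otherwise glue itself to the first field.
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop trailing comment
        if len(fields) < 2:
            continue                            # blank or comment-only line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an address
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def audit_hosts(text, baseline=frozenset()):
    """Return entries that point a non-local name at a sinkhole address.

    baseline: hostnames the administrator already expects to be blocked
    (for example an ad-blocking list), which are not reported.
    """
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if not (ip.is_loopback or ip.is_unspecified):
            continue                            # ordinary override, not a block
        for name in names:
            if name not in BENIGN_NAMES and name not in baseline:
                findings.append({"line": line_no, "ip": str(ip), "host": name})
    return findings


def default_hosts_path():
    """Location of the hosts file on the current platform."""
    if os.name == "nt":
        root = os.environ.get("SystemRoot", r"C:\Windows")
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


if __name__ == "__main__":
    try:
        with open(default_hosts_path(), encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    except OSError:
        content = SAMPLE_HOSTS                  # fall back to the sample
    for f in audit_hosts(content):
        print(f"line {f['line']}: {f['host']} -> {f['ip']}")
```

A hosts file used deliberately for ad blocking will trip this check on every entry, so pass the expected names as `baseline` and review only what is new.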
___________________________________________________________________
(page generated 2021-06-19 23:00 UTC)