Comments on: Enigma software, have they been spoofed http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/ Consumer Security on the web, information to assist you in practicing safe computing Wed, 02 May 2012 01:16:38 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: certifiedbug http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-30936 certifiedbug Tue, 12 Aug 2008 01:46:53 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-30936 Hello bonzo, I tested the download with two different AV's, niether alerted. What do you mean by "our AV firewall" ? :) Search on W32.JAKUZ at Kaspersky. <blockquote>Not found Phrase to find: "W32.JAKUZ" Found: 0</blockquote> Hello bonzo,

I tested the download with two different AV’s, niether alerted.

What do you mean by “our AV firewall” ? :)
Search on W32.JAKUZ at Kaspersky.

Not found
Phrase to find: “W32.JAKUZ”
Found: 0

]]> By: bonzo http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-30923 bonzo Mon, 11 Aug 2008 21:29:53 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-30923 While looking for a cure for XP Antivirus 2008 I found <em>www</em>.wiki-security.com. Except for no search function, it's a pretty legitimate looking AV site. The weird thing is that every page has a download link for SpyHunter. It's like some sort of covert ad for SpyHunter. The weirder thing is that when I clicked on a link to download the "free" software it's blocked by our AV firewall tagging it as W32.JAKUZ, a known keylogger (Kaspersky). While looking for a cure for XP Antivirus 2008 I found www.wiki-security.com. Except for no search function, it’s a pretty legitimate looking AV site. The weird thing is that every page has a download link for SpyHunter. It’s like some sort of covert ad for SpyHunter. The weirder thing is that when I clicked on a link to download the “free” software it’s blocked by our AV firewall tagging it as W32.JAKUZ, a known keylogger (Kaspersky).

]]> By: ShadowPuterDude http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27409 ShadowPuterDude Fri, 23 May 2008 01:47:55 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27409 Correcting my miss-typed email addy: spd@malwareteks.com Correcting my miss-typed email addy: spd@malwareteks.com

]]> By: ShadowPuterDude http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27405 ShadowPuterDude Fri, 23 May 2008 00:33:04 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27405 Alvin, You can contact me at spd@malwareks.com, and I'll give you the information I have. If you use the vulnerable code on other pages, you'll will want to review your code, and notify the author of the CMS, you use, of the code injection vulnerability. Alvin,
You can contact me at spd@malwareks.com, and I’ll give you the information I have.

If you use the vulnerable code on other pages, you’ll will want to review your code, and notify the author of the CMS, you use, of the code injection vulnerability.

]]> By: Alvin Estevez http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27404 Alvin Estevez Thu, 22 May 2008 23:53:58 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27404 ShadowPuterDude, "Some person or persons have taken advantage of a vulnerability in your software and exploited it." It was not my "Software" that was exploited, it was simply the page or pages to be exact. Alvin ShadowPuterDude,

“Some person or persons have taken advantage of a vulnerability in your software and exploited it.”

It was not my “Software” that was exploited, it was simply the page or pages to be exact.

Alvin

]]> By: Alvin Estevez http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27403 Alvin Estevez Thu, 22 May 2008 23:37:05 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27403 ShadowPuterDude, Do not post it here.. But what 4 other pages are exposed? and How can we communicate privately to discuss the particulars? Thanks, Alvin ShadowPuterDude,

Do not post it here.. But what 4 other pages are exposed? and How can we communicate privately to discuss the particulars?

Thanks,

Alvin

]]> By: ShadowPuterDude http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27401 ShadowPuterDude Thu, 22 May 2008 23:16:45 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27401 Alvin, I am quite familiar with Content Management Systems and dynamically generated web pages. Some person or persons have taken advantage of a vulnerability in your software and exploited it. You have since corrected the vulnerability to prevent code injection. That doesn't change the fact that some one from your company falsely accused certifiedbug of posting fake images and spreading false rumors. Those pages did exist, with the content displayed; as posted in the article. I've seen them, 4 pages, including spyhunter_more_info.php. Be thankful that the malicious redirect,was ineffective. I've been to the redirect, to investigate. I won't discuss the particulars of the attempted exploit in an open discussion that anyone, including the perpetrators, can view. Alvin,

I am quite familiar with Content Management Systems and dynamically generated web pages.

Some person or persons have taken advantage of a vulnerability in your software and exploited it. You have since corrected the vulnerability to prevent code injection.

That doesn’t change the fact that some one from your company falsely accused certifiedbug of posting fake images and spreading false rumors. Those pages did exist, with the content displayed; as posted in the article. I’ve seen them, 4 pages, including spyhunter_more_info.php.

Be thankful that the malicious redirect,was ineffective. I’ve been to the redirect, to investigate. I won’t discuss the particulars of the attempted exploit in an open discussion that anyone, including the perpetrators, can view.

]]> By: Paperghost http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27397 Paperghost Thu, 22 May 2008 22:59:49 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27397 Email me at Paperghost@vitalsecurity.org is the quickest way. Its late here, but I will wait up for your message :) Email me at Paperghost@vitalsecurity.org is the quickest way. Its late here, but I will wait up for your message :)

]]> By: Alvin Estevez http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27395 Alvin Estevez Thu, 22 May 2008 22:44:28 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27395 Paperghost, Is there a way for us to speak to you in private? Alvin Paperghost,

Is there a way for us to speak to you in private?

Alvin

]]> By: Alvin Estevez http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/comment-page-1/#comment-27394 Alvin Estevez Thu, 22 May 2008 22:40:31 +0000 http://certifiedbug.com/blog/2008/05/21/enigmasoftware-payday-loan/#comment-27394 PaperGhost, I wanted to speak to you on the Anti-Spyware Coalition consortium meeting last January of this year. I was sitting in the audience and enjoyed some of the work you do with the young hackers. I am willing to work with Tashi to find those spammers. My only issue is, the IP can be bogus, what if they are using proxies or compromised computers? But at least is a starting point.... Alvin PaperGhost,

I wanted to speak to you on the Anti-Spyware Coalition consortium meeting last January of this year.

I was sitting in the audience and enjoyed some of the work you do with the young hackers.

I am willing to work with Tashi to find those spammers.

My only issue is, the IP can be bogus, what if they are using proxies or compromised computers? But at least is a starting point….

Alvin

]]>