malware

0

Futile attempt of spreading malware: 3wPlayer vs. perl hackers

If you happen to be a voracious torrent user you may have found yourself in the situation where instead of a film your video player displays a still text inviting you to download their stupid trojan-horse infected video proprietary video player.

Basically the video file is there, but it's been encrypted so that only that particular crappy video player allows you to see it. Or is it? Apparently 3wplayer are not very bright, all they did was using standard exclusive or (XOR) with a short string, which makes sense. It's really easy to implement, saves space since the function for encoding and decoding is the same and most importantly it's fast, wich it has to be when dealing with video. What those morons who created that stupid player forgot, was that if you have a lot of the same bytes in the file you want to encrypt, the XOR key shines through. (hacking code below!)

Syndicate content