Author: Darrel Briley
Date: 17:10:00 06/01/05
Go up one level in this thread
On June 01, 2005 at 18:26:56, Keith Evans wrote: >On May 31, 2005 at 14:05:52, Christopher Conkie wrote: > >>Hello Dann, >> >>Well I don't want the kind of destructive argument that did take place in that >>thread and I contacted them. >> >>This was what they did to rectify that situation and I respect their decision in >>that. >> >>We are all trying to collate information rather than get caught up in some angry >>argument. >> >>Someone said they had contacted Symantec and did not provide any supporting >>evidence. I asked for it and got diddly squat. >> >>I don't believe it ever happened and that there is no mail. >> >>I could however contact them if you like. I think however that the answer from >>them will pretty much be what is on their webpage. >> >>To embed a script in an exe before compilation would require some >>transformation. There is no proof anywhere that this nastiness attaches itself >>to anything. It just does not work like that. >> >>I still have a copy of the offending exe and if any programmer would like to >>take up the challenge, it could be made available to them. I have musterred all >>my web power to try to provide a sane and logical explanation for this as I >>personally do not wish that this is true. >> >>I would have an explanation (at a very long stretch) if the exe was just named >>Fafis.exe and did not play chess. But it does, so on all known information it >>must have been attached. There are no known mechanisms that attach this >>particular file to something else. >> >>Not only that but the file is both compressed and encrypted. >> >>Also the script is in a different language. For compilation to succeed it would >>need to be translated for the compile to be successful. I've tried it. >> >>I still hope that there is a reasonable answer out there but like all others >>await the examination of the code. I hope it is the same code including said >>nastiness and then maybe we can discover how it is inside there. >> >>If you would like me to contact Symantec (or any anti-virus company) to get a >>definative answer I can. Any responses I can publish for the benefit of those >>who did use the file. >> >>I just can't see an explanation anywhere. I would like to be wrong but...... >> >>Shall I send them a mail? I'm sure that they will reply. They might be able to >>examine it for themselves and explain how. What do you think? >> >>Regards >> >>Christopher > >How would a programmer go about attaching this particular worm to an exe? >(Please no step by step instructions.) I mean is this an obvious thing, or a >whole tedious procedure to be worked out? > >If it's not so obvious how to do this, then ... ? > >-Keith There are programs (called "binders") freely available on the net that will allow anyone, with no computer or programming knowledge whatsoever, to attach a virus/worm/trojan horse/keylogger etc. etc. to an .exe, or to many other types of files. I'm not saying that this was done here, just answering the question asked.
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.