[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-disclosure] Re: Backdoor in RelevantKnowledge adware (What
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail ! com>
Date: 2006-05-30 14:19:47
Message-ID: e5hka5$dv$1 () sea ! gmane ! org
[Download RAW message or body]
3APA3A wrote:
> RelevantKnowledge was found to contain backdoor proxy
> component
> rlvknlg.exe (Marketscore OSSProxy), which is configured to
> allow
> incoming network connections on TCP/8254, probably acts as open
> proxy
> and also performs keylogging and monitoring for active windows
> content.
> Component can not be disabled by user.
>
> Details (by YAG KOHHA, Lame):
Good analysis, but you're not the first:
http://www.cit.cornell.edu/computer/security/marketscore/technical.html
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic