Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Backdoor in RelevantKnowledge adware (What are wefighting for?)

From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Tue, 30 May 2006 15:19:47 +0100
3APA3A wrote:


RelevantKnowledge   was   found  to  contain  backdoor  proxy
component
rlvknlg.exe   (Marketscore  OSSProxy),  which  is  configured  to
allow
incoming  network  connections  on TCP/8254, probably acts as open
proxy
and  also performs keylogging and monitoring for active windows
content.
Component can not be disabled by user.

Details (by YAG KOHHA, Lame):


Good analysis, but you're not the first:

http://www.cit.cornell.edu/computer/security/marketscore/technical.html

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: