Full Disclosure mailing list archives
Re: Backdoor in RelevantKnowledge adware (What are wefighting for?)
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Tue, 30 May 2006 15:19:47 +0100
3APA3A wrote:
RelevantKnowledge was found to contain backdoor proxy component rlvknlg.exe (Marketscore OSSProxy), which is configured to allow incoming network connections on TCP/8254, probably acts as open proxy and also performs keylogging and monitoring for active windows content. Component can not be disabled by user. Details (by YAG KOHHA, Lame):
Good analysis, but you're not the first: http://www.cit.cornell.edu/computer/security/marketscore/technical.html cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Backdoor in RelevantKnowledge adware (What are we fighting for?) 3APA3A (May 30)
- Re: Backdoor in RelevantKnowledge adware (What are we fighting for?) Ag. System Administrator (May 30)
- Re: Backdoor in RelevantKnowledge adware (What are wefighting for?) Dave "No, not that one" Korn (May 30)