home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
EnigmA Amiga Run 1995 October
/
EnigmA AMIGA RUN 01 (1995)(G.R. Edizioni)(IT)[!][issue 1995-10][Aminet 7].iso
/
Aminet
/
util
/
virus
/
Hack9520.lha
/
Hack_Report9520.txt
< prev
next >
Wrap
Text File
|
1995-05-09
|
17KB
|
436 lines
=========================================================================
AMIGA HACK REPORT
=========================================================================
||
The Hack Report || Written by Erik Loevendahl
for May, 1995 ||
|| Fidonet : 2:236/116.17
Safe Hex International Support BBS: || Amiganet: 39:141/127.17
|| Telefax : +45 5599 3498
DAN BBS: +45 43621655 V-Fast 28.8 ||
Formula II: +45 43432463 V-Everyth. || Henrik Lauridsen Internet support:
|| hlau@dou.dk
||
||
Lars Stockholm Packet Radio support:|| Benny Petersen Cbmnet support:
OZ1GYQ@OZ4BOX.SAX.LOL.DNK.EU || bennyp@bennyp.adsp.sub.org
||
|| Number 7
Released by Safe Hex International || Report Date: 10 May, 1995
||
=========================================================================
Welcome to the second issue of The Amiga Hack Report. This is a series of
reports that aim to help all users of files found on BBSs avoid
fraudulent programs, and is presented as a public service by the
FidoNet, Internet and Amiganet International E-mail echos.
Thanks to everyone who has helped put this report together, and to those
that have sent in comments and suggestions.
NOTE TO SYSOPS: The Hack Report may be freely posted as a bulletin on
your BBS, subject to these conditions:
1) the latest version is used,
2) it is posted in its entirety, and
3) it is not altered in any way.
NOTE TO OTHER READERS: The Hack Report (file version) may be freely
uploaded to any BBS, subject to the above conditions, and only if you do
not change the filename.
The author is not responsible for any loss of data nor is he responsible
for any information if it isn't correct. This list is made as a help and
a lot of work is done to validate all the below mentioned informations to
be so correct as possible, but who knows? .....
The idea is to make this information available freely. However, please
don't cut out the disclaimers and other information if you use it, or
confuse the issue by spreading the file under different names. Thanks!
If you see other fake or trojan versions NOT listed here, please contact
one of the above supporters or myself so that we can keep this listing up
to date.
Erik Loevendahl
=========================================================================
HACKED AMIGA PROGRAMS
Here are the latest and most common versions of some programs known to
have hacked fake or trojan copies floating around. Archive names are
listed when known, along with the person who reported the fraud. (thanks
from us all!).
20-03-94 X-Copy 8.5 66424 bytes is a trojan. Installs the Fmfoj Xjsvt
v2.2 (Eleni) boot virus, which can damage your harddisk.
17-05-94 Decompiler (Autoboot Disc Creator), 53.992 bytes is a trojan.
Renames your harddisk directories. Reported by W. Gorzkowski.
25-05-94 Hacker 20.980 bytes unpacked is said to optimize your modem
settings, but in fact it is a trojan
05-06-94 DMS 2.13 92.440 bytes packed in a file named "Dms213ur.lha"
will format your harddisk. Reported by Kim B. Jensen.
* 15-06-94 NoCare27.lha 28.848 bytes unpacked will delete your HD files.
18-06-94 DMS2.12 lha, Device-Masher System, DMS/FMS-Masher 2.12 Extra
Turbo 92.208 bytes is a fake.
20-06-94 Ua62.lha, Ua-dialer v6.2 26828 bytes PPacked, 51956 bytes
unpacked is said to damage your S/Dir.
22-06-94 Mformt12.lha, Mformat 1.2 unpacked 25168 bytes is said to
format harddisks after 8. floppies. Reported by Gerard Sens
* 02-07-94 NCOmm 3.09 221.056 bytes is said to be a trojan, which
installs the eleni virus, that can damage your harddisk.
07-07-94 Hd_speedup.exe, 6252 bytes unpacked found in "HD_Speedup.lha"
will damage your harddisk. Reported by Steen Brusgaard.
15-07-94 Clx_doom.lha, Doom 32020 bytes is a nasty trojan, which change
your assign and setpatch command. Reported by Edwin Leenders.
23-07-94 Elien_virus_checker 0.1 is nasty trojan. Found in a file
called "elien.exe". 1016 bytes PPacked, 596 bytes unpacked.
* 02-08-94 Esp-dmpd.lha (DiskMaster 2 PAL Fix) is said to contain a
linkvirus.
09-08-94 God-j12.lha, JiZaNSi 1.2 - IFF 2 ANSI converter 22.008 bytes
unpacked is a trojan. Reported by Peter Hansen.
* 24-08-94 Viewtek22.lha 93.844 bytes contains a link virus. Reported by
Betasoft.
01-09-94 Dskslv3.DMS. Disksalv 3.01 106584 bytes unpacked is said
to be a trojan. Reported by Dave Haynie.
08-09-94 Vmk30.lha, Virus Memory Kill V3.00 2620 bytes is a trojan
which will damage your harddisk. Reported by Chris Hames
30-12-94 Surprise.exe 39296 bytes is spread at a demo at "The Party 94"
in Denmark will damage your harddisk. Reported by B. Petersen
31-01-95 VZII-114.lha is a fake version. Please use the new version
VZ-115.lha 128182 bytes (unpacked 74028 bytes).
01-01-95 DMS206.lha and CRY_206 contain DMS206.exe is a BBS infiltrator
program. Use the latest >original<... DMS 2.04 (96284 bytes).
13-01-95 IStrip21.lha unpacked 12212 bytes is an infiltrator program
which place BBS user.data in download dir named "eatme.lha".
06-02-95 The Achtung.exe demo in the GATH95-!.lha archive will format
your harddisk (COP trojan). Reported by John Vickers.
03-03-95 The archive axripii.lha, about 120046 bytes contains harddisk
damage program called Fucker virus in the file called AMIBBB.
* 04-03-95 The DMS file Zaxxon.DMS is said to be a HD Formatter. Reported
from Holland. No more info yet sorry !!!!!!
14-03-95 Personal Paint version: 6.2 is a fake. The last original PPaint
version is 6.1. Reported by the programmer M.C. Battilana
21-03-95 ncomm32.lha, 121896 bytes Stonecracker 4.04 packed), 226116
bytes unpacked. Pretend to be NComm 3.2, but is in fact a COP
trojan (harddisk tasher)
25-03-95 opus5.lha, unpacked 347308 bytes. Pretend to be DirectoryOpus
5.0, but is in fact a COP trojan (harddisk trasher)
26-03-95 lha30.lha, 69888 bytes StoneCracker 4.04 packed, 105808 bytes
unpacked. Pretend to be Lha 3.0, but is in fact a COP trojan
(harddisk trasher)
26-03-95 ced4.lha 174500 bytes unpacked. Pretend to be CygnusEd 4.0,
but is in fact a COP trojan (harddisk trasher)
31-03-95 sinfo10.lha, unpacked 2852 bytes. Pretend to be SInfo v1.0,
but is in fact a COP trojan (harddisk trasher)
06-04-95 nxs-pt4.lha unpacked 180188 bytes. Pretend to be ProTracker
4.0, but is in fact a COP trojan (again a harddisk trasher)
* 08-04-95 led-tdc6.lha the swedish "Dreamcharts" is said to contain a
COP harddisk trasher. Reported by Mike Hayes.
* 10-04-95 hakvirus.lha is said to be a warning against a 'dir virus',
but the new trojan is inside of it! Reported by Remko Wiersma
* 10-04-95 hackt.lha contains Conman virus in the file Hackt.exe
unpacked 12312 bytes. Reported again by Remko Wiersma.
13-04-95 Creator.lha is a HD formatter. In the archive you will find
the following files C:creator.scr 40 bytes and S:Creator.dat
2880 bytes both files unpacked.
* 14-04-95 DMS205 a DMS fake is said to circulate in Holland. Can anyone
confirm this, then please contact SHI??? (And use DMS 2.04).
17-04-95 SNK305.lha archive contains a trojan called Super Nova Killer
3.05, which is send to SHI from a programmer as a quite new
SHI program, but.........(packed/unpacked 4792/5480 bytes).
19-04-95 orb-kc.dms, a game "Kid Curry" have a file "Hd_Install.exe"
unpacked 8052 bytes, it's in fact a HD trasher.
20-04-95 trsi-vw5.lha contains VirusWorkshop V5.0 (no-packed 135.744
bytes), but in fact it's a COP trasher against your harddisk.
21-04-95 trsi-ft.lha pretend to be FutureTracker, 317.608 bytes
unpacked, but is in fact a COP HD trasher.
24-04-95 icond13.lha a program called IconDept 1.3, 4188 bytes unpacked
is (again) COP trasher against your HD. Thanks to Knut Rod.
26-04-95 toolsd26.lha contains a ToolsDeamon 2.6, nopacked 4864 bytes
but in fact it's a harddisk trasher. Thanks to Pat Morris.
26-04-95 creat_11.lha very like the creator.lha (13-04-95) only 3 bytes
is changed in the creator.scr file. Very original inded??
26-04-95 dt230.lzx pretend to be DosTrace 2.3, nopacked 9692 bytes,
but is infact a new COP trojan against your HD. Use the
original 2.20 from Peter Stuer!
30-04-95 psg-ae5.lha pretend to be AmyExpress 5.0, 71.904 bytes
unpacked, but is in fact a COP HD trasher. Thanks Mats Nyman
02-05-95 cchack22.exe, 11.216 bytes is a hacker against BBS to get the
bbs: userdata for infiltrating your BBS. Thanks to Oluf Witt.
08-05-95 Commander virus is to-day spreaden in all the folowing files:
dagis!up.exe, Denistro_1.exe, Denistro_2.exe, mn-acid.exe,
Vampire.exe, Dpl-Mam1.DMS, Dpl-Mam2.DMS, Removcmd.lha,
Network90.DMS
PLEASE ATTENTION
----------------
The above marked > * < trojans or fake versions isn't implementet in the
SHI virus killers yet, so please TAKE CARE AND SEND THESE TROJANS for
new updates to the mentioned SHI members/BBS'es in this list!!.
Do yo want more information please read more about the viruses and
trojans in Virus Info Base an excellent multi media datebase program
made by SHI and spread by ADS, achive name: "VIB9508.lha"
=========================================================================
SPECIAL FOR SYSOP'S
-------------------
* Did you know that today no file is safe anymore!
* Did you know there is a lot of virus, trojans and fakes today?
* Do you want to protect your harddisk 100%?
* Do you want to use a simple and effective way?
A little trick for SysOp's: Print this little list and use it to check
your new uploads!!
Please use this form below if you find some fake versions or trojans and
send it to Safe Hex Internalional by E-mail or by post.
--> cut here
========================================================================
HACK REPORT FORM:
------------------------------------------------------------------------
YOUR NAME:
------------------------------------------------------------------------
ADDRESS: ZIP CODE:
------------------------------------------------------------------------
COUNTRY: PHONE:
------------------------------------------------------------------------
WHICH PROGRAM IS A FAKE OR A TROJAN : VERSION:
------------------------------------------------------------------------
FOUND IN ARCHIVE NAME: ARCHIVE DATE:
------------------------------------------------------------------------
BYTES UNPACKED:
------------------------------------------------------------------------
A LITTLE DESCRIPTION
(Why do you think this is a fake or a trojan)
-------------------------------------------------------------------------
ATTENTION IF..
Possible please send the actual fake or trojan to Safe Hex International!
THANK YOU VERY MUCH FOR YOUR HELP! WITHOUT YOUR
VALUABLE HELP WE COULDN'T HAVE MADE THIS LIST!!!
========================================================================
--> cut here
Please send the hack or the infected file together with the above report
to:
SAFE HEX INTERNATIONAL MAIN
Erik Loevendahl Fidonet: 2:236/116.17
Snaphanevej 10 Amiganet: 39:141/127.17
DK-4720 Praestoe Telefax: +45 5599 3498
Denmark
/or to ....
__
__ /// SAFE HEX INTERNATIONAL BULLETIN BOARD SUPPORT:
\\\/// :::::::::::::::::::::::::::::::::::::::::::::
\XX/
* Programmers Resort BBS: +45 98380575 ZyXEL/v32bis
+45 96869090 ISDN
Special support for the SHI programmers and disk copy service
for SHI programmars without a modem.
* Attention special SHI area for uploads of new viruses!~
SysOp: Alex Holst, member of SHI
Address: Alex Holst
Jaettestuen 70
DK-9230 Svenstrup J
Denmark
Tlf. Voice: +45 96869090
* DAN BBS is one of the best and biggest BBS in Europe
Anti-Virus PC and Amiga CoSysOP: Erik Loevendahl
* Attention special SHI area for uploads of new viruses!~
Server: 486DX2-66,32mb-RAM,Adaptec 2842VL
Micropolis 1528+4110 (Micro2:86127799)
Total harddisks: 4.3 GIGA,
2/8 Giga Sony DAT streamer
CD-Server: 386-40mhz,4MB, 18 CD's online
ISDN workstation: 386-40mhz, 4MB, TELES
Total 14 GB on-line
(More than 30 PC's in system)
Linie 1 payment line 42643990 V-Fast 28.8
Linie 2 43628230 ZyXEL/v32bis
Linie 3 43627750 ZyXEL/v32bis
Linie 4 43625880 ZyXEL/v32bis
Linie 5-19 payment lines! 4362XXXX ZyXEL/v32bis
Linie 20 42643827 V34/VFC 28.8
Linie 21 43621655 VFC 28.8
Linie 22+23 43661070 ISDN
DAN BBS fax: 42643357 Group 3
HOW TO DO:
---------
Do you wish to contact our SHI >free< anti-virus areas for uploads
of new virus or download of the newest SHI anti-virus stuff type:
"Guest", "Guest" (for free files), and "V" (for the SHI anti-virus
free area)
=========================================================================
WE NEED......YOUR SUPPORT CONCERNING NEW VIRUSES FOR
FUTURE UPDATES of this Virus Info Base program.
We are thinking that you can see how important your
support is too if you are using one of the following
programs, which are using our anti-virus.libraries:
* Virus Checker by Johan Veldthuis
* Virus Scanner by Gabriele Greco
* Fides Professional by John Lohmeyer
* DMS by ParCon Software
* Virus Info Base by Safe Hex International
* D-Copy by Stefan Bernbo
* X-Copy by Cachet Software (commercial)
* Xtruder BBS virus killer by Martin Wulffeld
* MT-Copy by Gert-Jan Strik
* Harboot virus analyser by Martin Harbo
* Bootwriter by Ralf Thanner
* DMSChecker by Martin Wulffeld
* AntiCicloVir by Mathias Gutt
ATTENTION: ARE YOU USING SOME OF THE ABOVE PROGRAMS, YOU HAVE OF COURSE
INTERREST TO HELP US, SO WE WE CAN HELP YOU TOO. THEREFORE REMEMBER TO
SEND ALL NEW VIRUSE TO SHI FOR FUTURE UPDATES.
THANK YOU VERY MUCH AND REGARDS
"THE AMIGA LIVE"
=========================================================================
Kind regards your friend
/~\ ERIK LOEVENDAHL SOERENSEN, SAFE HEX INTERNATIONAL
C-oo) Phone +45 5599 2512 | Fidonet: 2:236/116.17
\-) Fax +45 5599 3498 | Amiganet: 39:141/127.17
/~\