Patches, keygens, 0-day & warez are some of the worst places to get a virus.
People who use these applications and websites to get illegal software will probably not want to believe this blog, but unfortunately for you it really is a fact that most of these keygens & patches contain a virus. Some 0-day applications that have been widespread in recent years are the worst culprits.
I started some research about a year ago with 0-day applications and downloaded a few of these for test purposes only. I scanned them with several different trusted anti-malware programs and found several known viruses. I suspected at the time that there may be loads more that were not yet known, so I kept all the keygens, patches & cracks in a secure location for later testing.
Well, now is that time. I recently opened that secure location and scanned them all again. I found in total 77 now-known viruses out of approx. 150 of these keygens, patches & cracks.
You’re probably thinking these are false positives, or fake viruses made up by the virus industry and some agencies to discredit such practices and scare people into not using illegal software downloads. Well, maybe in some cases that’s true; I have known some anti-virus programs in the past that seem to pick on any file named keygen.exe or patch.exe.
But first, consider the following 3 things.
1, Nothing is free. Hackers don’t spend days and months cracking software for NOTHING. Hackers, like anyone else, are driven by profit of one sort or another. They don’t get anything out of making these keygens, and you don’t have to pay for them, so what’s in it for them?
Where exactly do you think they get their information from? Do you think someone purchases the software and kindly gives the hackers their name and serial number? I don’t think so. They use viruses inside these keygens to scan your computer for software that you have purchased, in the hope of gathering new serial keys for other software.
Be especially aware of patches for applications that need internet access. If you download an illegal copy of some software that requires internet access, most likely it will come with a PATCH instead of a keygen. Why? Because with most patches you have to copy the patch over the original application exe. You run the application and your firewall asks you to allow internet access to the application; it’s an application that requires internet access, so you grant permission for the software to access the internet.
Now think for a second or two. What are you actually allowing internet access? Yes, the patch that has overwritten the original, the patch that more than likely has an embedded virus inside. Congratulations, you have just installed a virus into your computer and given it full internet access. Well done???
2, What is the purpose of keygens? To randomly generate a serial or key. Why? Why not just give you a simple VIRUS FREE .txt file containing a name and serial, like some already do? If an application requires a simple serial number, why go to the trouble of creating an application to make randomly generated serials? There is no reason.
3, Why are most of these 0-day applications buried so deep in archives that the general public need a master’s degree in zip files just to extract the 3 or 4 layer deep files? Also, some of these are password protected too.
They may tell you this is to hide the illegal application from agencies and servers that routinely scan popular upload sites and p2p networks for illegal software. Don’t you think these agencies have the technology to scan deep into archives for these files? These agencies could and probably already do monitor most of the sites that post links to the illegal downloads, so I think they already know where these files are.
What do I think? I think it is because most anti-virus software is set up to skip archives to save time and resources, and some of the anti-virus programs out there that do scan inside archives can only scan a few layers deep and cannot scan inside password protected archives.
Also, to further confuse anti-virus scanners, lately 0-day applications split the files into random parts, for example ab1.rar, ab2.rar, ab3.rar, ab4.rar. Once you extract these files you find yourself with abA.rar, abB.rar, abC.rar, abD.rar. This further complicates things for a virus scanner. Most good anti-virus scanners are no longer confused by this and can scan indefinitely deep. But this slows down scanning to a point where most people will just disable scanning inside archives.
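To see how much of a download a scanner with a shallow archive limit never looks at, the following added example (not part of the original post) walks a nested archive and lists the members that could not be inspected: password protected files and inner archives beyond the depth limit. It handles ZIP only, since that is what the Python standard library reads; the member names, the size cap and the constructed sample are assumptions for illustration.

```python
import io
import zipfile

MAX_MEMBER_BYTES = 50 * 1024 * 1024  # assumed cap so a decompression bomb is not unpacked

def audit_archive(data, name="root", depth=1, max_depth=10):
    """Recursively walk a ZIP in memory; report members a scanner could not inspect."""
    report = {"depth": depth, "encrypted": [], "not_opened": []}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            path = f"{name}/{info.filename}"
            if info.flag_bits & 0x1:  # general-purpose flag bit 0: member is encrypted
                report["encrypted"].append(path)
                continue
            if not info.filename.lower().endswith(".zip"):
                continue
            if depth >= max_depth or info.file_size > MAX_MEMBER_BYTES:
                report["not_opened"].append(path)  # nested archive left unscanned
                continue
            inner = zf.read(info)
            if not zipfile.is_zipfile(io.BytesIO(inner)):
                continue
            child = audit_archive(inner, path, depth + 1, max_depth)
            report["depth"] = max(report["depth"], child["depth"])
            report["encrypted"] += child["encrypted"]
            report["not_opened"] += child["not_opened"]
    return report

def _zip(members):
    """Build a ZIP in memory from a {name: bytes} mapping (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, payload in members.items():
            zf.writestr(member_name, payload)
    return buf.getvalue()

def build_sample():
    """Constructed sample: three nested layers, innermost member flagged as encrypted."""
    inner = bytearray(_zip({"readme.txt": b"placeholder", "tool.exe": b"placeholder"}))
    # zipfile cannot write encrypted members, so set the encryption flag bit in the
    # last central-directory header (the flags field sits at offset 8 of that header).
    inner[inner.rfind(b"PK\x01\x02") + 8] |= 0x1
    return _zip({"notes.nfo": b"placeholder", "ab1.zip": _zip({"abA.zip": bytes(inner)})})

if __name__ == "__main__":
    sample = build_sample()
    print("scanner that opens 2 layers:", audit_archive(sample, max_depth=2))
    print("scanner with no practical limit:", audit_archive(sample))
```

With `max_depth=2` the innermost archive lands in `not_opened` and the protected file inside it is never seen at all, which is the gap described above; anything listed under `encrypted` or `not_opened` has not been scanned, whatever the scan result says.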
I bet if you’re reading this you probably have some old 0-day stuff or warez downloads from last year on disc somewhere. Do a test yourself: get one of those discs, scan it with an up-to-date anti-virus program and see how many viruses you find.
I’m guessing you’re a full grown adult and already know the legal consequences of using illegal software. It’s not my place to tell you not to use illegal 0-day applications; what I am saying is be careful, and next time think of the risks before you install that patch or use that keygen.