Jump to content


Photo

Spyware


  • Please log in to reply
2 replies to this topic

#1 preguntonontrack

preguntonontrack

    Regular Poster

  • Regular Bitdefender Poster
  • PipPip
  • 131 posts

Posted 16 July 2013 - 12:08 AM

I did some tests on this pack of archives meant to be mods for MC and they send in usual information to some strange destinations, Bitdefender does not detect anything please check it:

https://dl.dropboxus...t/minecraft.zip

and reply with results. Thanks

Edited by preguntonontrack, 16 July 2013 - 12:09 AM.


#2 Catalin Salgau

Catalin Salgau

    Virus Researcher

  • Bitdefender Labs
  • PipPipPip
  • 700 posts
  • Gender:Male
  • Location:Iasi, Romania

Posted 16 July 2013 - 11:07 AM

On a quick look, one component inside the linked package is an IRC client connecting to a (now down) strange domain.

I would like to point out that for a mod pack, it contains an awful lot of Minecraft packaged in.
Last I checked the game was not redistributable and had a built-in mod management interface inside.

#3 preguntonontrack

preguntonontrack

    Regular Poster

  • Regular Bitdefender Poster
  • PipPip
  • 131 posts

Posted 16 July 2013 - 05:41 PM

QUOTE (Catalin Salgau @ Jul 16 2013, 10:42 AM) <{POST_SNAPBACK}>
On a quick look, one component inside the linked package is an IRC client connecting to a (now down) strange domain.

I would like to point out that for a mod pack, it contains an awful lot of Minecraft packaged in.
Last I checked the game was not redistributable and had a built-in mod management interface inside.


Now that you mention it is kinda weird how is packaged. I did analyze the traffic after running it in a safe Virtual Box and all is running ok except for 2 connections it makes. I am not sure how safe it is but i am submitting it in case is not safe and detection is needed. I got it from an oldschool popular (120+ players) 1.4.7 MC server.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users