[Newsgroups] usenet flooded with viruses, encrypted files.
What the heck has happened to usenet?
I've always used binsearch to find stuff on usenet, I've never liked those NZB sites you have to sign up for or pay money to.
Lately I've noticed tons of files in once reliable groups, that are either virus infected or have incomprehensible names. I'll even down load part of a file and Winrar can't figure it out or it downloads as a 99 mb file with no file extension at all. And I thought the password protected files were obnoxious, sheesh!
I've notice one software group where you used to actually be able to find working programs is just being massively flooded with virus files. I wasn't even looking for software, I was looking for a tv show and I get hits on that group. The file names they use are the correct Scene name but the file sizes are too small. I remember when virus files were only a few kb, now they're 15mb, more or less.
I'm not even looking for popular tv shows, I was looking for a non American documentary.
I tried looking for a few popular software titles and couldn't find any that weren't infected. i tried to find a very popular, non American show that used to be easy to get and I only found about half the seasons and those were in dutch.
I guess the usenet software-tv-movie feast is over for us in the English speaking world.
Can anyone recommend a better usenet search engine than binsearch ?
Couple of pointers:
1. Virus posts are usually less than 10MB in size.
2. Some passworded files are nothing more than spam or scams
With that knowledge, you can use binsearch to filter out that crap you don't want. If you go to advanced search, center top of page, you can use the extended options to filter out that junk.
Most TV shows 1hr in length for example are 300-500 for SD and 700MB-2.2GB for HD. Just putting in 300MB or larger will filter out the viruses.
A little common sense goes a long way.
Sorry, I thought it was clear from my post, I HAVE been doing this for years. I always find what I am looking for and I recognize the fake files because they are so small. I prefer the 1.5 gig MKV files to be honest. I always use the advanced search, "show only" collections," "show only posts with a nfo".
My point is, why is there so much useless crap suddenly and why are they even targeting a not very popular tv show title and posting it to so many different groups?
I've been dong this since the late 90's
|reply to sandytrat |
You're right. Since months, usenet and torrents are flooded with millions of infected files. That's correct, you can search anything you want, you will find dozens of items that will match your query.
In very few words :
1. In the past, viruses were designed to destroy a target. Things have changed today. The "criminal" business has migrated on internet. And, their goal is not to disturb your activities, but steal something they want. And the more computer are infected, the more they can collect informations and the more they get money.
The "criminal" organizations grab, sort and re-sell stolen informations to a "customer". They use today the same economical model used in the legal economic world : objectives, project plan, marketing plan,development plan, teams ( code review team, testing teams, ... ) Don't imagine anymore a stand-alone developer geek in the dark bedroom.
And, thrust me, when the dev teams have finished coding, they all post themselves the badfiles on usenet and create tons of different poster name.
2. They use dedicated tools ( software suite ) developed in order to automate the compilation of malware ( trojan, spyware, all bad things you wantware ). It means that a new version of heuristic is each time generated ( simply said ). How can your antivirus could detect this bad file if the signature of the bad file is not yet known by your AV provider ? The criminals generate so many files in a day
It permit also, for example, to inflate the size of the file. We used to take care of few kilobyte files, but what do you think about a 25 megabyte file ? Infected file or not ? Difficult to answer, if your query was a small application. The badware is well designed : it doesn't stops anything, don't use huge network resources when transmitting datas, and, well done guys, it sends datas in encrypted format to http servers ( good luck to analyze what your host machine is sending ! )
3. Usenet and torrents are not regulated. It's the right place to be for a badfile provider
They flood tons of data collectors every day, every where. Again, The more they hit somebody ( oops, I ran the exe file ), the more they collect infos than cash.
But, official software provider also flood bad versions of their release in order to discourage leechers. Finally, after several computer re-installation, they will probably buy the stuff.
The best method is to estimate the credible size of your file ( ex : tv video file, 50 min, 300 Mb ) and think around : is it credible if, for example, I need an MP3 an after unrar, I get an exe file ?
Working with the dark side of internet leads to accept to change some habits :
Full host system backup
Virtual machine to test exe files, snapshot before, discard if issues.
Sandbox environment on several AV software