encrypted rar file? - boards.ie
Boards.ie uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Click here to find out more x
Post Reply  
Thread Tools Search this Thread
07-04-2011, 10:13   #1
Registered User
Join Date: Jan 2010
Posts: 923
encrypted rar file?

Anybody ever heard of a torrent that when finished, is an encrypted RAR file, and there's a readme that says to go to this dodgy sounding website -a-string-of-numbers-and-letters.whackyvidz.com ??

In fairness i actually opened up the link on a computer i didn't care about, and it opened to a site that had a small SN on the bottom. Haven't tried putting that SN into the encrypted RAR file yet.

But, has anybody ever heard of such a thing?
The torrent is supposed to be a movie but this has warning signs all over it.

But why bother with all this carry-on if it's just a virus?
BluePlanet is offline  
07-04-2011, 10:26   #2
Registered User
Join Date: Oct 2009
Posts: 162
Avoid like the plague.
clacks is offline  
07-04-2011, 11:11   #3
Voodu Child
(Slight Return)
Voodu Child's Avatar
Join Date: May 2005
Posts: 6,627
Password protected RARs are very common. And having a text file with a torrent or download that asks you to visit a particular URL is also very common.

That doesnt mean this particular example is safe or unsafe.
Voodu Child is offline  
07-04-2011, 11:12   #4
Closed Account
Join Date: Jun 2006
Posts: 13,650
You visited the site didn't you?

Better get some scans running. download this, install it, update it and run the full scan just to be safe
PogMoThoin is offline  
07-04-2011, 11:28   #5
Registered User
Join Date: Jan 2010
Posts: 923
I suppose i'm wondering because, if the goal was to circulate a virus, why bother having people go to the site?
If the virus is in the RAR, wouldn't it be easier (and probably more successful) to just give them the pw in the readme?

I'm presuming the RAR is encrypted simply for detection avoidance.
BluePlanet is offline  
07-04-2011, 12:06   #6
Voodu Child
(Slight Return)
Voodu Child's Avatar
Join Date: May 2005
Posts: 6,627
I'll say it again: RARing a download and PW protecting it is common practice to break it into smaller pieces, give a level of redundancy and keep the contents from prying eyes.

Sending people to a site to get a PW is common practice to generate page views, link revenue, ad revenue etc.

This kind of thing doesnt tell you whether you are dealing with malware or not.
Voodu Child is offline  
07-04-2011, 23:11   #7
Registered User
Karsini's Avatar
Join Date: Jul 2003
Location: Dublin
Posts: 14,373
Oldest trick in the book. I remember this back in 1999/2000, sending you on a hunt to get a password. "go to site x, sign up, the password is the fifth word on the confirmation page." That method was often used for private FTP server passwords too.
Karsini is online now  
08-04-2011, 00:14   #8
knird evol
knird evol's Avatar
Join Date: May 2006
Posts: 988
if you google the name of the file > "titanic.rar" & "password" ....bit of a chance
knird evol is offline  
08-04-2011, 00:24   #9
Registered User
uch's Avatar
Join Date: Oct 2002
Location: 17 - 24
Posts: 4,865
Use the name of whoever seeded it for password
uch is offline  
Post Reply

Quick Reply
Remove Text Formatting

Insert Image
Wrap [QUOTE] tags around selected text
Decrease Size
Increase Size
Please sign up or log in to join the discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Share Tweet