Comments on websites

User picture

roguedb.tk

Fri 02 Oct 2009 10:42:58 AM UTC — Virus Hater

I noticed 2 red comments. I just want to tell you that the site is not bad. The Rogues hosted on the website are for TESTING PURPOSES ONLY. Absolutely NOTHING will be downloaded without your consent. I've been to the site loads of times to test out new Rogues on my VMWare.

The guy who owns this website can be found here:
http://www.youtube.com/user/RogueWatch

User picture

From the first looks, one

Fri 02 Oct 2009 01:56:47 PM UTC — WeJudgeUs

From the first looks, one would only think that it is a site aimed at spreading out rogues.

You said:
Rogues hosted on the website are for TESTING PURPOSES ONLY.

Actually, they are not hosted by that site. It just directs to an account folder of 4shared, a file-sharing site.

This actually shows out failure in part of 4shared.com; it doesn't scan the files that are uploaded into their servers.
I wonder why it has McAfee Secure badge, if such rogues are stored in their servers.

But the SiteAdvisor does have some downloads marked red.
http://www.siteadvisor.com/sites/4shared.com
___________________________________________

Let's make the Internet a better place to browse.
WeJudgeUs - because none can judge us better than ourselves. :)

User picture

HA!

Fri 02 Oct 2009 07:05:37 PM UTC — jpvip

I don't think so. Having this "Windows 7 OEM Activator" is reprehensible. The intentions on the site are possibly ok, but hosting a site just to put a virtual hard drive from 4shared on? Come on. It might be a resource to a malware tester, like me or somebody else, but hosting it for the public is indeed not tolerated. Look to the real side, no one knows it is a good site, and it has bad downloads on it. Thus making me give it a YELLOW rating. The Windows 7 activator stuff is completely and totally out of line.

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

.....

Fri 02 Oct 2009 09:25:18 PM UTC — MysteryFCM

For testing purposes huh? poppycock!

I've reported this one both to dot.tk, and to 4shared.com's abuse departments.

Whilst not restricting who can access malicious samples is always a good thing (I'm sick to death of vendors that try keeping everything to themselves under the guise of not wanting to help their competitors), this is completely the wrong way of going around it, and there's a few files on there that are clearly not there simply for "testing".

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

User picture

4shared.com Terms of Use violation

Fri 02 Oct 2009 09:53:28 PM UTC — g7w

hxxp://www.4shared.com/terms.jsp

By using the 4shared service, you agree not to do any of the following:
2. Post, distribute, or otherwise make available or transmit any software or other computer files that contain a virus or other harmful component.

Rated roguedb.tk and commented.
If "Joe" wants to host these files for "testing" , let him do it off his own web space and at his own bandwidth expense...

-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W

User picture

Wow

Sat 03 Oct 2009 05:27:02 PM UTC — Virus Hater

I'm friends with RogueWatch and i've already told him about you and your red ratings. When he hears of this, he'll probably take all the samples and re-upload them onto another website for testing. So one way or another, you are not gonna stop him. Lots of users on YouTube like his rogue videos and he has loads of friends and subscribers. If you take his site down, it'll destroy his reputation on YouTube. Also, feel free to argue with me as much as you want because i couldn't care less.

User picture

.....

Sat 03 Oct 2009 06:29:51 PM UTC — MysteryFCM

It's about ETHICS, plain and simple.

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

User picture

Re: Wow

Mon 05 Oct 2009 01:22:21 PM UTC — LiVeRpUdLiAn932

So tell me why would anyone genuinely uploading malware 'samples' to help others take all the samples and re-upload them onto another website ?
And since he is not a criminal in any sort, why are you concerned whether we are able to stop him?
I can infer from the way you phrase your sentences you/RogueWatch is guilty.
Guess you exposed you and your friend over there.
roguedb.tk
Dark red, ethical issues.
You'll Never Walk Alone

User picture

How dare you

Mon 05 Oct 2009 01:45:45 PM UTC — Virus Hater

RogueWatch is neither guilty nor a criminal. That is nonsense.

User picture

How dare me?

Tue 06 Oct 2009 12:33:35 PM UTC — LiVeRpUdLiAn932

RogueWatch is neither guilty nor a criminal. That is nonsense.
This does not answer my arguments.
You'll Never Walk Alone

User picture

^^ agreed...

Sat 03 Oct 2009 11:12:42 PM UTC — jpvip

Which is why I rated it Ethical Issues.

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

Conundrum

Sun 04 Oct 2009 01:57:45 AM UTC — evilfantasy

If you take his site down, it'll destroy his reputation on YouTube. Also, feel free to argue with me as much as you want because i couldn't care less.

Your on two sides of the fence here. Your standing your ground but you also don't care... Which is it?

User picture

Ok

Sun 04 Oct 2009 10:12:17 AM UTC — Virus Hater

I'm not being rude or anything, but it just doesn't make any sense.

Roguedb.tk has got a red rating.
offensivecomputing.net has got a green rating.

They are both affiliated with malware testing, but Roguedb.tk has got a red rating while offensivecomputing.net has got a green rating. They both have malicious samples for testing. So if you are gonna rate roguedb.tk down, why not rate offensivecomputing.net down aswell?

User picture

First of all, please not

Sun 04 Oct 2009 10:39:59 PM UTC — WeJudgeUs

First of all, please note that I am not arguing, and am just making my statement. Offensive Computing is rated green because, it explains what it is upto in the landing page of the site itself, and that too in big red letters that anyone browsing their site would notice. It clearly explains it's aim and warns users.

But in the case of the above mentioned site, Roguedb.tk , it gives no warning about it's content, and some files in it may be downloaded and used by some users who pass by. Thus it turns out to be unsafe.

It would have been quite easy for the owner of that domain to put up some landing page, with some free hosts, or he could have first directed the domain to any free blog or something like that which could have linked to the "Rogue Database" with warning.

It's still not late to take an action.

What among these choices will be safer?
(1) The owner of the domain puts up a landing page with warning about the content, and it's purpose.
(2) We all change our rating on it and give good comments and thus the number of users getting affected by the content in the site increases.
________________________________________________

Let's make the Internet a better place to browse.
WeJudgeUs - because none can judge us better than ourselves. :)

User picture

differences

Sun 04 Oct 2009 03:01:23 PM UTC — g7w

offensivecomputing.net maintains a secure file section hosting samples to registered users only.

roguedb.tk offers files to anyone via a shared hosting service; which BTW is against the Terms of Use for that service.

There's a big difference from a controlled situation (offensivecomputing) and not (roguedb).

Let's use another example: rootkit.com - scorecard
Here is a site dedicated to information on, including samples of rootkits.
You must be logged in to access the files in the Vault which is basically a directory of each user's uploads associated to their username; however, there are files publicly available (uncontrolled) which is why I rated it highly and left a Warning Comment IMO *all* files should require registration and login for access.
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W

User picture

This site is fully safe

Sun 04 Oct 2009 06:44:42 PM UTC — konner920

This site is fully safe guys. Those who are putting bullcrap down saying this site is dangerous MAY need to go on youtube a bit more.

http://www.youtube.com/user/RogueWatch

This site is made by this guy for people to test malware on their Virtual Machines. He reviews the rogue software to show you how it infects and how bad it is.

User picture

Second verse ....

Sun 04 Oct 2009 08:01:16 PM UTC — MysteryFCM

.... same as the first

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

User picture

Huh?

Mon 05 Oct 2009 05:41:38 AM UTC — BobJam

konner920:"dumb ass"?: http://www.mywot.com/scorecard/osx86help.we.bs/...

User picture

HA!

Mon 05 Oct 2009 06:12:19 AM UTC — jpvip

@konner920
YouTube (notice the correct capitalization) is populated by USERS. Not professionals. Just like Wikipedia. It is all done by users. I admit, there are probably experts on the Wikipedia, but on YouTube - not so many.

The downloads found on roguedb.tk is live malware. What do YOU think it is? Recipes for home-made food?

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

Good news

Mon 05 Oct 2009 12:28:14 PM UTC — Virus Hater

roguedb.tk has gone from being red to yellow. Soon it'll be green again.

User picture

umm

Mon 05 Oct 2009 05:22:30 PM UTC — jpvip

It was yellow because of my first rating. I then, re-rated it red after it tested positive for a distributor of Virut, an operating system murderer. Now I know the intentions are indeed foul. Ain't no way someone wants to test Virut. The site looks a bright red-orange to me. lol

Rated red for Malicious Content:
roguedb.tk

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

The intentions are not foul

Mon 05 Oct 2009 06:18:42 PM UTC — Virus Hater

The intentions are not foul.

User picture

huh?

Mon 05 Oct 2009 07:08:28 PM UTC — jpvip

Ok. I research malware for nothing? I have seen databases that have been encrypted, which means you need a username and password, and one encryption key just to get in to the database of malware. Why? Because, the way the site is set up, leads me to believe there is a malware writer who is using this bad site, to have malware communicate to and work as a trojan downloader.
Trojan downloaders get installed to computers, and then attempt to connect to the site(s) in question to download more malware. If the malware writer is not smart enough (most aren't anyway), then he/she will need a site that can allow downloads to be launched without the need of an account. Most writers think it is too hard to set up malware to be able to log in to an account and download.

Now, XP Guard...what makes you so defensive of the site? Are you the owner of it? Do you have some kind of affiliate's pass in to this illegal game? Distributing Virut is completely reprehensible, and I cannot believe someone would stoop to that level to actually place that download on that site. Give me a break? It's not like I cook muffins in my spare time, I study malware. One of the most frightening and hard-to-remove infections is Virut. Most of the time, Virut cannot be removed completely. So it is called a murderer. What kind of malware is that? Serial killer malware. One of the first forms of it.

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

I'm not

Mon 05 Oct 2009 07:42:50 PM UTC — Virus Hater

I'm not affiliated with the site. But i support it and i know that it is not illegal.

Also, i don't even know what Virut is.

User picture

"Also, i don't even know what Virut is."

Mon 05 Oct 2009 11:16:44 PM UTC — evilfantasy

Then you need to stay away from websites hosting malware.... and topics like this one!

User picture

Ok

Tue 06 Oct 2009 09:20:38 AM UTC — Virus Hater

Look. I'm an expert on malware, but i don't know what Virut is because i've never heard of it.

User picture

Are you?

Wed 07 Oct 2009 12:14:16 AM UTC — jpvip

I may be considered a malware expert by my peers, but I do not call myself one. But, I know everything there is to know about Virut. I have only had three cases of Virut in my helping to get user's computers clean. I have helped a lot of users get computers clean, and I have seen everything from backdoor trojans, to near impossible library rootkits. Either learn the material and let it speak for you, or do not say you are an expert. Shouting you are an expert without material to help back it up is what causes flame wars and other crazy discussions. Be careful with your words, and speak politely - without shoving it in to everyone's face.

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

Google

Tue 06 Oct 2009 12:32:59 PM UTC — BobJam

Then Google it. There are 988,000 hits for an "expert" to look at.

User picture

Virut

Tue 06 Oct 2009 11:56:31 PM UTC — phantazm

"Virut is a family of polymorphic memory-resident appending file infectors that have Entry Point Obscuring (EPO) capabilities. Viruses belonging to this family infect files with .EXE and .SCR extensions. All viruses belonging to the Virut family also contain an IRC-based backdoor that provides unauthorized access to infected computers...".
http://www.f-secure.com/v-descs/virus_w32_virut.sh...

User picture

Umm...

Wed 07 Oct 2009 12:19:51 AM UTC — jpvip

Yes, that is a library definition, but see this definition, which might help a little more, and/or break it down better: https://forums.comodo.com/defense_help/what_about_...

And this: http://www.helpmyos.com/malware-threat-removal-f6/...

~DragonMaster Jay, malware researcher,
Admin, helpmyos.com

User picture

Good news and bad news

Wed 07 Oct 2009 02:15:30 PM UTC — Virus Hater

The bad news, is that Roguedb.tk has been parked.

The goods news, is that RogueWatch's 4shared page is still active. Thank god for that.

123next ›last »