Virus peddlers set up shop on Google code project
Internet scoundrels have begun abusing Google code hosting projects to distribute malware and promote smut. The assault follows a bout of the same kind of abuse against Microsoft's comparable MSN Spaces beta site dating back a year, net security firm McAfee reports. Misuse of Google code is much more recent and something that …
post a bunch of obfuscated source and a bunch of binaries. most people will install the binaries anyway . ( who compiles everything from scratch anyway ) so a small 'difference' between the posted binary and the clean source and you have a nice entry point.
Why obfuscated? Here's a better one. Post real, honest to go source for something useful and moody binaries. When binary is run it does nothing but drop a trojan and then fake an error. I reckon 95% of people will go "oh shit, it doesn't work", uninstall the original binaries and forget about it. 4.9999% will go on to grab the source, compile it, find it works and forget about it. That leaves just the 0.00001% who'll go to the trouble of subsequently examining their compiled version, comparing it to the supplied one as potential troublemakers.
Sign up, sign up for The Register's weekly IT security newsletter - click here
