Feeds

back to article Bogus Kama Sutra presentation opens your backdoor to hackers

A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn. The supposed PowerPoint presentation file – called Real kamasutra.pps.exe* – supposedly demonstrates different sexual positions. The file does include a NSFW slideshow of 13 different positions, but this is …

COMMENTS

This topic is closed for new posts.
Gates Halo

backdoor Windows machines

> A booby-trapped Kama Sutra-themed presentation will plant a backdoor when run on Windows machines, security watchers warn.

Well, DOH !!!

1
0
Coat

Open this file...

...and your're fooked.

0
1
Bronze badge
Paris Hilton

Where to start?

Backdoor, trojan, sexually transmitted disease.

I just don't know where to start on a good joke.

0
0
Gold badge
Paris Hilton

Double extensions

Microsoft eventually gave up on auto-running whatever removeable medium you stick in the machine. It was a daft idea and ten years of security holes eventually rammed the message home.

The same will happen for hiding file extensions, eventually. Till then, we have stories like this.

6
0

Hiding file extensions.

Since windows always seems to hide file extensions (i still dont know how this is good for people), this will continue.

Sadly the practice of people randomly clicking on things people send them such as this will continue as stupid people breed.

0
0
Silver badge
FAIL

Rather silly really

Even in their own documentation, MS frequently refers to "the .exe file" or "the .doc file" which must confuse a lot of people who have never turned off the default hide-extensions.

0
0
Bronze badge
Gates Horns

This daft idea is much older...

it goes all the way back to DOS and the 8.3 filename, and there are so many assumptions built on it that MS probably can't change it...

i) every 8.3 filename has an extension that might indicate what type of file it is... but there is no registration of standard extensions

ii) Windows: you will ONLY use your data files with one application, the registry associates known extensions with the relevant application

iii) Windows 95: long filenames still have extensions (for compatibility) but they can also use "." elsewhere

iv) technical details will be hidden from users

The result is a user interface that does not provide sufficient information about what will happen when the user does something. Double-clicking on a icon might load the file in your favourite application, or run the file, or load the file in a completely different application that has managed to change the association in the registry...

1
0
Pint

Playmobile Re-enactment

Please?

1
0
Linux

So,

As I don't run Windows, I can sit back and enjoy the show without worrying, right?

<--- the penguin with the I-didn't-know-that-was-even-possible eyes

1
1
Bronze badge

`Enjoying the show`

Thad,

Whenever I hear about WindoZE back doors, all I think of is:

BOHICA aka

Bend

Over

Here

It

Comes

Again

I grew so tired of the daily prostrate exams by crims, that I left WindoZE behind; and haven't regretted it either.

2
0
Joke

No !

Enjoying the show with your penguin is just wrong.

2
0
Anonymous Coward

Just Try Telling The Penguin That!

See those eyes? You think he (for a male it surely must be) would listen?

0
0

Dear Adobe, Mozilla, Opera, Google etc.

Next time you release an update for your software, stick an up-to-date, use-one-time anti-virus scan option in it. If the PC has no anti-virus on it, ask the user if they want a one-off system clean.

You will take every system your software updates out of any botnets it is part off. And then keep doing it, each time you release an update, to help persuade users to update.

For users, if you have no anti-virus, just download MSE and bloody use it, you spanners. It is free, it costs nothing, zero, zippo, zilch, bugger-all, nowt. Download it and run a full scan. It is no better and no worse than the one you got free with your PC six months ago and never paid the subs for. Just do it. Not having anti-virus is like leaving your front door open.

http://www.microsoft.com/security_essentials/

For Microsoft. Install MSE by default with your OS/updates, do the option thing you do for browsers for other anti-virus products and do the world a favour.

FFS. It's not rocket science.

1
0
Thumb Up

re. Dear Adobe, Mozilla, Opera, Google etc.

Good idea; even better, why don't the browser authors do a deal with anti-virus vendors to offer an embedded A/V to check anything downloaded by the browser? Even better if it could also scan any JavaScript for known threats before executing.

The A/V vendors could use this as advertising for their full-strength products, so they have some incentive to participate.

0
0
FAIL

RE: Dear Adobe, Mozilla, Opera, Google etc.

I think you should have written:

Dear Users

Stop using Windows. Not only is it shit, it's full of security holes.

0
0
Troll

RE: Stop using Windows. Not only is it shit, it's full of security holes.

Unfortunately, until all common Linux distributions will run windows application out of the box with the ease of windows, you won't manage to get people to switch.

I'm not up to date with the current state of WINE, and I've never actually played the following, but the point holds: Does it play crysis? (and for that matter, does it play whatever is the current leader in PC gaming technology?)

When Linux can manage this task, Then Linux will be an alternative for the common home PC user. Unfortunatly, at that time, Linux will probably have gained all the problems of windows too.

0
0
Stop

Old tricks still work

As long as file extensions are hidden by default, scammers will take advantage of it. And, as long as people need to run their computer with Administrator rights just to get their programs to run, scammers will be sending out trojans like this.

Sooner or later, people will get tired of wasting disk space, CPU time and money on anti-virus, anti-malware and anti-spyware programs and switch to an OS that's secure by design and Windows will go the way of the Dodo. Think of it as the computer equivalent of evolution in action.

3
0
Silver badge

Why should I?

Why should I read file extensions when software can do that and warn me?

Any file that is an exe dressed up to look like a jpg or .pps or .doc is pretty obviously a boody trap and should raise a few red flag and be treated with more caution than the regular nanny warning.

0
3
Gold badge

Re: boody traps

"Why should I read file extensions when software can do that and warn me?"

Er, because it doesn't? Well, Windows doesn't, anyway.

"Any file that is an exe dressed up to look like a jpg or .pps or .doc is pretty obviously a boody trap and should raise a few red flag and be treated with more caution than the regular nanny warning."

Fair point. Has anyone got a list of the AV programs that don't automatically quarantine such flagrant malware when "heuristic checking" is switched on?

0
0
FAIL

NSFW? Where is the proof?

I figured somebody would have already said this, "Pix or no story."

NSFW - Not Suitable for Wanking.

0
0
Silver badge

Oh

Here I was thinking the article was NSFW but now I see it's the phony ppt file that's NSFW and I could have read the article at work after all.

0
0
Silver badge
Linux

ha ha ha ha

ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha

0
0
FAIL

comment.txt.exe

You would think that any double-extension file would throw up a red-flag in pretty much every Anti-Virus product out there, especially when the actual file is an exe file.

1
0
Pint

That'd be a no brainer

However My AV Vendor won't actually stop this glaringly obvious one as it's like the sign "free beer tomorrow". However the problem always is between the chair and the keyboard (or touchpad). That factor is very difficult to deal with unless you lock the system, even then they'll unlock it and still get caught out.

I'm waiting to see Oohlook.doc.tar being sent to me...

Beer, as there's no WINE here.

0
0
This topic is closed for new posts.