Kenzero


Kenzero is a computer trojan that is spread across peer-to-peer networks and is programmed to monitor the browsing history of victims. [1]


History

The Kenzero trojan was first discovered on November 27, 2009, but researchers think it went undetected for a few months prior to the initial discovery. [2]

Operations

Kenzero attacks computers that download files through peer-to-peer (P2P) networks. Once the file is opened, the virus locates the victim's browsing history and publishes it online. People can then view the file(s). [3] [4] It then demands a fee for its removal. [5]

The virus hides inside video files of hentai anime. It spreads via P2P networks. [5]

Related Research Articles

LimeWire: Peer-to-peer file sharing application

LimeWire was a free peer-to-peer file sharing client for Windows, macOS, Linux, and Solaris. Created by Mark Gorton in 2000, it was most prominently a tool used for the download and distribution of pirated materials, particularly pirated music. In 2007, LimeWire was estimated to be installed on over one-third of all computers globally.

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

Peer-to-peer: Type of decentralized and distributed network architecture

Peer-to-peer (P2P) computing or networking is a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the network, forming a peer-to-peer network of nodes. In addition, a personal area network (PAN) is also in nature a type of decentralized peer-to-peer network typically between two devices.

Uploading refers to transmitting data from one computer system to another through means of a network. Common methods of uploading include: uploading via web browsers, FTP clients, and terminals (SCP/SFTP). Uploading can be used in the context of clients that send files to a central server. While uploading can also be defined in the context of sending files between distributed clients, such as with a peer-to-peer (P2P) file-sharing protocol like BitTorrent, the term file sharing is more often used in this case. Moving files within a computer system, as opposed to over a network, is called file copying.

Timeline of computer viruses and worms: Computer malware timeline

This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.

Winny is a Japanese peer-to-peer (P2P) file-sharing program developed by Isamu Kaneko, a research assistant at the University of Tokyo in 2002. Like Freenet, a user must add an encrypted node list in order to connect to other nodes on the network. Users choose three cluster words which symbolize their interests, and then Winny connects to other nodes which share these cluster words, downloading and storing encrypted data from cache of these neighbors in a distributed data store. If users want a particular file, they set up triggers (keywords), and Winny will download files marked by these triggers. The encryption was meant to provide anonymity, but Winny also included bulletin boards where users would announce uploads, and the IP address of posters could be discovered through these boards. While Freenet was implemented in Java, Winny was implemented as a Windows C++ application.

Botnet: Collection of compromised internet-connected devices controlled by a third party

A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform distributed denial-of-service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.

Peer-to-peer file sharing: Data distribution using P2P networking technology

Peer-to-peer file sharing is the distribution and sharing of digital media using peer-to-peer (P2P) networking technology. P2P file sharing allows users to access media files such as books, music, movies, and games using a P2P software program that searches for other connected computers on a P2P network to locate the desired content. The nodes (peers) of such networks are end-user computers and distribution servers.

Perfect Dark (P2P): Peer to peer software

Perfect Dark (パーフェクトダーク) is a peer-to-peer file-sharing (P2P) application from Japan designed for use with Microsoft Windows. It was launched in 2006. Its author is known by the pseudonym Kaichō. Perfect Dark was developed with the intention for it to be the successor to both Winny and Share software. While Japan's Association for Copyright of Computer Software reported that in January 2014, the number of nodes connected on Perfect Dark was less than on Share, but more than on Winny, Netagent in 2018 reported Winny being the largest with 50 000 nodes followed by Perfect Dark with 30 000 nodes followed by Share with 10 000. Netagent asserts that the number of nodes on Perfect Dark have fallen since 2015 while the numbers of Winny hold steady. Netagent reports that users of Perfect Dark are most likely to share books/manga.

Storm botnet: Computer botnet

The Storm botnet or Storm Worm botnet was a remotely controlled network of "zombie" computers that had been linked by the Storm Worm, a Trojan horse spread through e-mail spam. At its height in September 2007, the Storm botnet was running on anywhere from 1 million to 50 million computer systems, and accounted for 8% of all malware on Microsoft Windows computers. It was first identified around January 2007, having been distributed by email with subjects such as "230 dead as storm batters Europe," giving it its well-known name. The botnet began to decline in late 2007, and by mid-2008 had been reduced to infecting about 85,000 computers, far less than it had infected a year earlier.

Founded in 2004 in New York City, Pando Networks was a managed peer-to-peer (P2P) media distribution company backed by Intel Capital, BRM Capital and Wheatley Partners. The company specialized in cloud distribution of games, video and software for publishers and media distributors and also operated a freemium consumer business for sending large files.

AWF is a malicious Trojan downloader affecting the Microsoft Windows operating system.

Koobface is a network worm that attacks Microsoft Windows, Mac OS X, and Linux platforms. This worm originally targeted users of networking websites such as Facebook, Skype, Yahoo Messenger, and email websites such as GMail, Yahoo Mail, and AOL Mail. It also targets other networking websites, such as MySpace, Twitter, and it can infect other devices on the same local network. Technical support scammers also fraudulently claim to their intended victims that they have a Koobface infection on their computer by using fake popups and using built-in Windows programs.

Cross Days: 2010 video game

Cross Days is a Japanese erotic visual novel developed by 0verflow, released on March 19, 2010 for Windows and later ported as a DVD game and for the PlayStation Portable (PSP). The story, a dramatic slice-of-life, follows the life of Yuuki Ashikaga, a high school student who becomes the ambivalent love-interest of two girls during his second term, and the effects this has on himself and his relationships with other characters. Though the game requires little interaction from users, Cross Days engages the player through a nonlinear plot that they are given opportunities to change the course of during play. The game is the third installation of the School Days line of series, succeeding Summer Days.

Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.

Torrent poisoning is intentionally sharing corrupt data or data with misleading, deceiving file names using the BitTorrent protocol. This practice of uploading fake torrents is sometimes carried out by anti-infringement organisations as an attempt to prevent the peer-to-peer (P2P) sharing of copyrighted content, and to gather the IP addresses of downloaders.

Metallica, et al. v. Napster, Inc. was a 2000 U.S. District Court for the Northern District of California case that focused on copyright infringement, racketeering, and unlawful use of digital audio interface devices. Metallica vs. Napster, Inc. was the first case that involved an artist suing a peer-to-peer file sharing ("P2P") software company.

Sality is the classification for a family of malicious software (malware), which infects Microsoft Windows systems files. Sality was first discovered in 2003 and has advanced to become a dynamic, enduring and full-featured form of malicious code. Systems infected with Sality may communicate over a peer-to-peer (P2P) network to form a botnet to relay spam, proxying of communications, exfiltrating sensitive data, compromising web servers and/or coordinating distributed computing tasks to process intensive tasks. Since 2010, certain variants of Sality have also incorporated rootkit functions as part of an ongoing evolution of the malware family. Because of its continued development and capabilities, Sality is considered one of the most complex and formidable forms of malware to date.

File sharing in Japan is notable for both its size and sophistication.

Gameover ZeuS: Peer-to-peer botnet

GameOver ZeuS (GOZ), also known as peer-to-peer (P2P) ZeuS, ZeuS3, and GoZeus, is a Trojan horse developed by Russian cybercriminal Evgeniy Bogachev. Created in 2011 as a successor to Jabber Zeus, another project of Bogachev's, the malware is notorious for its usage in bank fraud resulting in damages of approximately $100 million and being the main vehicle through which the CryptoLocker ransomware attack was conducted, resulting in millions of dollars of losses. At the peak of its activity in 2012 and 2013, between 500,000 and 1 million computers were infected with GameOver ZeuS.

References

  1. Kenzero Virus Blackmails Those Who Illegally Download Anime Porn, by Caleb Johnson, April 16, 2010, Switched
  2. [Infostealer.Kenzero]
  3. Browsing histories published online in Kenzero virus scam, By Claudine Beaumont, 16 Apr 2010, The Telegraph
  4. Blackmail virus infects computers, holds information ransom, Archived 2016-06-11 at the Wayback Machine, By Josh Harvison, Sep 27, 2010, KAIT-Jonesboro, AR-News
  5. Banks, Tom. "The Computer Virus Catalog". Design Week.