# P2p malware



## sky1819 (Jun 23, 2015)

i read some articles by tiversa that says that malware can change files around on p2p network. Such as they can add files to your share folder to make personal files available or worse yet your whole hard drive. I have talked to a couple techs and some say that would be way to complicated and to much work to program malware that moves folders around in a p2p share folder. Others say it can't be done. And some say it's possible and likely. I just would like some opinions on this. Why anyone would go to so much trouble when they can access it through a easier way.


----------



## remixedcat (Jun 23, 2015)

depends on where you get it


----------



## sky1819 (Jun 23, 2015)

Limewire 08-10


----------



## remixedcat (Jun 23, 2015)

ugh -_-that explains it


----------



## sky1819 (Jun 23, 2015)

Do explain


----------



## remixedcat (Jun 23, 2015)

limewire started to be the # source for malware for a loonnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnng time


----------



## sky1819 (Jun 23, 2015)

remixedcat said:


> limewire started to be the # source for malware for a loonnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnnng time


Yes but I didn't know if that type of malware is likely where it changes and moves files around in the share folder to make personal files available for everyone to download


----------



## Kursah (Jun 23, 2015)

Adding and modifying permissions is easy of your account is an admin account and the malware is able to make those changes without needing to elevate permissions, it wouldn't really take all that much to accomplish if the programmer was talented enough. Modifying the ACL's for a folder so it is now shared can happen, but you don't see it too much...at least I haven't. I see more along the lines of encrypting your files so that you no longer have access to them in the case of ransomware like CryptoLocker and CryptoWall.

Honestly, file manipulation isn't that hard to do, and without having some sort of MD5 check or similar, having modified files period is much more likely.

It's been a while since I've heard of anyone using or even mention LimeWire and FrostWire...wouldn't touch that crap on any of my PC's ever.


----------



## sky1819 (Jun 23, 2015)

Thanks. I never had my files encrypted but just wondering the likelyhood of my files being changed. I would rather have the hacked have access to my files than them exposing it to the whole limewire network for everyone to download. I would rather one person have it than the world


----------



## natr0n (Jun 23, 2015)

using dinosaur software in 2015


----------



## sky1819 (Jun 23, 2015)

What's that and it came out this year


----------



## dorsetknob (Jun 23, 2015)

limewire   the worst p2p you could ever use thats all that can or should be said
P"P is generaly used for Illegal file sharing and as such not allowed to be discussed on site  thread will probably reviewed by mod and probably deleted


----------



## 95Viper (Jun 23, 2015)

Trailblazer said:


> What's that and it came out this year




Quote from wiki page:


> LimeWire was a free peer-to-peer file sharing (P2P) client program that ran on Windows, Mac OS X, Linux, and other operating systems supported by the Java software platform. LimeWire used the gnutella network as well as the BitTorrent protocol. A freeware version and a purchasable "enhanced" version were available. BitTorrent support is provided by libtorrent.
> 
> 
> On *October 26, 2010*, U.S. federal court judge Kimba Wood issued an injunction forcing LimeWire to prevent "the searching, downloading, uploading, file trading and/or file distribution functionality, and/or all functionality" of its software in Arista Records LLC v. Lime Group LLC. A trial investigating the damages necessary to compensate the affected record labels was scheduled to begin in January 2011. As a result of the injunction, LimeWire stopped distributing the LimeWire software, and versions 5.5.11 and newer have been disabled using a backdoor installed by the company. _*However, version 5.5.10 and all prior versions of LimeWire remain fully functional and cannot be disabled unless a user upgrades to one of the newer versions. The program has been "resurrected" by the creators of WireShare (formerly known as LimeWire Pirate Edition).*_



The others members are right... you might wanna look for an alternative.
And, get some god A/V and anti-malware or wipe your drives and start over.


----------



## sky1819 (Jun 23, 2015)

I know it had malware on it that's not what I'm asking lol. I'm asking how likely it would be for mallwar to change share folder files around to make personal files available to the network


----------



## R-T-B (Jun 23, 2015)

Trailblazer said:


> I know it had malware on it that's not what I'm asking lol. I'm asking how likely it would be for mallwar to change share folder files around to make personal files available to the network



As likely as someone wanting to program it.


----------



## Kursah (Jun 23, 2015)

If your account has administrative privileges, then it is likely. Changing share permissions is quite easy as I mentioned before. Your wording is not quite correct, which makes me wonder where you stand on the comprehension of access control and security of your system. With that said, and I mean no offense, what are you using to protect and clean your system?

If a piece of malware accesses your account privileges, making changes that you'll never notice is quite easy, and likely could already be happening if you're using LW or FW for P2P services. The risk greatly increases with this kind of software...but there is no sure answer to this. You take a greater risk, and that is your choice. People recommend against it clearly for a reason, whether or not you want to "lol" at their warnings is your choice. I would recommend you worry less about getting your exact answer and ensure you're protected against the ignorance of using that software for file sharing. It's bad, dangerous and a waste of time, and was 10 years ago. If you want to continue using it, do so at your own risk, but don't expect exact answers for something that isn't exact.

if you want an exact answer, the closest I would give you is: VERY LIKELY

But it depends, what you're downloading, how you protect your system and network, if you have administrative privileges on the account you use, and how sloppy you are with your system, shares and security (don't worry, many users are sloppy because they don't know any better, and to improve security means comprehension and time investment).

I hope that helps!


----------



## xvi (Jun 23, 2015)

dorsetknob said:


> P"P is generaly used for Illegal file sharing and as such not allowed to be discussed on site thread will probably reviewed by mod and probably deleted


While I agree, it does (technically) have legitimate uses. I'd like to explain the difference here.

Limewire (and a number of older file sharing programs/networks) work by allowing you to search for a filename among file that are shared by other people. Once you choose a file to download, it looks for other people with the same file so that it can download from other people. If the file is downloaded to a machine that then infects the file, the now modified file will be accessible to you to download. Because we pick which file to download via it's filename and because all downloaded files are shared, it is very easy for viruses to spread through these means.

In contrast with more popular methods these days, a file is chosen by its hash (which is kind of like a fingerprint for files). When you ask to download that file, it looks for other people who have files with that exact fingerprint. If the same machine that downloaded that file then infects the file with a virus, the file's hash changes, the download client rechecks the file, and redownloads the sections that are modified which corrects the infection back to the original file. If the file is modified in *any* way, it is no longer treated as the same file and is *not* shared. Therefor, as long as the original file was not infected, you will never receive an infected file from that download.\


Edit: To answer your question directly, sure it's possible. I think it's unlikely though. If it's personal information, why wouldn't the virus share with anyone but the creator? Why share what could be stolen with other people?


----------



## Schmuckley (Jun 23, 2015)

No Limewire! ever!
Nothing newer than Utorrent 2.0...and watch fer "adding stuff"
Oh yeah,there's this thing called "peerblock"


----------



## sky1819 (Jun 23, 2015)

So would it be hard to add viruses in limewire a few years ago to make it change share folder files around


----------



## Schmuckley (Jun 23, 2015)

Limewire IS a virus..avoid it..


----------



## qubit (Jun 23, 2015)

You've been given gold plated answers here, but you don't seem to understand or appreciate them.

It's not about "moving shared folders around" like you keep saying. That's just daft. It's about spreading malware with a dodgy file sharing client.


----------



## sky1819 (Jun 23, 2015)

What's daft sorry? And yes I know malware spreads like wild fire through p2p. I don't use it anymore I'm just curious about the whole changing the share folder with personal files?


----------



## Kursah (Jun 23, 2015)

I've explained it to you, and as I mentioned before I question your comprehension of sharing, privileges, access control lists and such terms.

If your account is a part of your local administrators group, and something gains access to that account's privileges, then yes it can change damn near whatever it wants about your system, its files, shares, etc.

You keep saying "changing the share folder with personal files", which isn't quite clear and has led me to question your comprehension of this and I'm wondering if there is a different way I can explain it.

Sharing over a network in Windows, is simply put as creating a list of who does and doesn't have access. You can use user names and groups (depending on the type of network, a domain handles this better). So it's not changing the shared folder, it's who you allow to see the folder and its contents, then what can they do with it? Can they read (access and download), can they change/modify/add? Do they have full control as if it were on their local system?

Personal files in Windows, you need to be more clear. If you mean your pictures, videos, music and documents folders, then those have some share pre-configurations because Windows wants you to share those contents on the more interconnected network of sharing things. If you store your strict personal files there, then you should be either changing share permissions if you enabled them (which is easy as Windows 7 and newer prompt you with its Network and Sharing services). So if a piece of software such as Limewire scans your system for shares, those files may already be accessible without anything messing with the settings.

So really it depends on you more than the software, if you allow it, it will happen. If you don't know how to deal with it, then it's probably already happened or will eventually and you'll never know it.

Here's some reading material to understand file sharing better:

http://www.techradar.com/us/news/ne...nd-network-sharing-the-complete-guide-1119901
http://compnetworking.about.com/od/windowsfilesharing/a/introduction-to-windows-file-sharing.htm
http://www.pcmag.com/article2/0,2817,2472367,00.asp
http://www.windowscentral.com/homegroups-101
http://windows.microsoft.com/en-us/...ver-the-network-from-windows-vista-inside-out

If you can do it, someone out there can easily design a piece of software or a script to do it for you. Especially with administrative access, which again as I said many run their accounts on. If you don't understand that, here's some more reading to assist:

http://windows.microsoft.com/en-us/...-between-a-domain-a-workgroup-and-a-homegroup
http://blog.varonis.com/the-difference-between-everyone-and-authenticated-users/
http://stackoverflow.com/questions/...indows-administrator-and-windows-system-users
http://www.anvisoft.com/resources/differences-among-standard-administrator-and-guest-users/
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Q_28001942.html

I hope that helps you on your search to better ask questions and get your answers. Maybe I'm chasing the wrong trail, but I'm hoping we're getting somewhere in answering your question in the best way for you to understand!


----------



## sky1819 (Jun 23, 2015)

What I mean by share folder is the limewire share folder where all your stuff you download is saved there and re shared on the network. However you can add files to this by clicking on the opinions and tools And adding files. But the article I'm talking about is malware could move personal folders that aren't meant to be shared to the limewire share folder where others have access to it. Meaning switching save locations. That malware is adding folders to the limewire share folder so that your hard drive or personal files are exposed on the limewire network for people to download.


----------



## Kursah (Jun 23, 2015)

That takes scripting or running a conflicted piece of that software that poses as a legitimate version. It would be pretty easy to copy and paste or even cut and paste files from specific locations over to the LW shared directory...you can do it right now with your account I bet...and if you can, a piece of malware or engineered piece of software meant for P2P then re-engineered to search out and find those files to copy over could be quite real and not too hard to do for talented programmers. Adding folders to the shared/monitored list is pretty easy too...I'm sure a simple script that runs in the background that you never notice could likely do the same thing with the right person engineering it. 

Honestly it is likely very real, but reading the articles and links I posted, plus getting more familiar with how shares work, how Limewire works, running preventative measures and being smart one would easily bypass and be aware of what they're sharing and to who, which would defeat what that piece of malware set out to do in the first place. You're in control, whether you like it or not...and if you don't empower yourself to learn how, then you're making yourself a victim without having a chance with software like Limewire.

Maybe link the articles?


----------



## Jetster (Jun 23, 2015)

Jesus people still use Limewire?  If I was a software developer or artist the first place i would put malware latent content would be that network. Just try to steal my shit. That's is the key here. Stealing content is dangerous


----------



## xorbe (Jun 23, 2015)

The p2p client must be corrupted from the get go.  Otherwise the modified files received would fail the block hash check.


----------



## Mussels (Jun 23, 2015)

This seems to be running in circles and getting stupidly complicated.

1. hashed files cannot be alterered or replaced without the program doing the checking being compromised
2. malware can do whatever the feck it wants, including changing save locations.
3. limewire is long dead, the client you're using could well contain malware.


----------



## sky1819 (Jun 23, 2015)

http://www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks


----------



## P4-630 (Jun 23, 2015)

Trailblazer said:


> http://www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks



Just don't use it!


----------



## sky1819 (Jun 23, 2015)

I don't anymore I haven't in years. I'm just hoping my files didn't get moved around when I did. I delete the program and computer is gone so I won't know if my bank account or God knows what is bein circulated. What files would the malware generally share on your PC.


----------



## xorbe (Jun 23, 2015)

Trailblazer said:


> http://www.consumer.ftc.gov/articles/0016-p2p-file-sharing-risks



Wow I am ashamed that my gov't hosts that pos fear mongering web page.


----------



## sky1819 (Jun 23, 2015)

Mhmm you think this is propaganda


----------



## dorsetknob (Jun 23, 2015)

Its not all properganda   the Risks of virus/trojen malware from P2P Software is / has been well documented over the Years.
Limewire/frostwire was Known as one of the most Notorious pieces of Malicious software available.

I'M happy if you chose to use it BECAUSE sooner or later your have to Pay a computer Specialist  to sort out the problems its going to cause.

 More paying work for us


----------



## sky1819 (Jun 23, 2015)

I don't use it anymore like o said. I'm just taking about the extreme changing al your files part is that far fetched


----------



## silkstone (Jun 23, 2015)

The code has to be executed before any changes can be implemented. A semi-decent AV will catch 99.9% of malware circulated by P2P.


----------



## sky1819 (Jun 23, 2015)

I had av for a while until it expired.


----------



## dorsetknob (Jun 23, 2015)

there is free a/v software available you should find some and use it.
generally speaking anything is better than none
There are threads on site which will give you the pro's and con's of the various brands


----------



## sky1819 (Jun 23, 2015)

Thank you. But can they generally happen where all you files get transfers to p2p share folder through malwar. I know U can pick up malware but that in general how likely??


----------



## silkstone (Jun 23, 2015)

Can you explain more clearly what you did that id worrying you?
Downloaded things via P2P > You won't get malware
Played music downloaded via P2P > Unlikely to get malware
Run random .exe or .bat files downloaded via P2P with AV > Unlikely
Run random .exe or .bat files downloaded via P2P without AV > more likely

It all depends on what kinds of things you downloaded and tried to run.

Windows also generally has innate protection (in the form of windows defender) to stop the more damaging malware affecting your system.

Think of Limewire as a $2 ho.
To computer geeks, you question is kinda like "I had sex! Will I get aids?"
The answer is "It depends. Did you stick it in?, Was it clean? and, Did you use protection?"


----------



## sky1819 (Jun 23, 2015)

Hahaha!! I believe when I had an avg I tried to download Microsoft word several times and most of it was viruses so I went and bought the program. But after that I just downloaded music.


----------



## Jetster (Jun 23, 2015)

AV is not going to help with most malware


----------



## Mindweaver (Jun 23, 2015)

Ok, it seems that your question has been answered. Do to the amount of WTF am I reading from the OP.. This thread is *needs to be* closed and to sum it up, don't use Limewire.

*EDIT: I thought this was in my section.. lol*


----------

