Security- Size May Matter

Posted in Gaming, Security, Video Games by wayne.porter on August 3rd, 2008

Sandi Hardmeier, Microsoft Security MVP, has made an interesting observation about the current WALL-E download spyware business.

From her blog:

As you can see, the UK version of the game (which is the game that the original complainant downloaded), is 177 megabytes, as is the French version, the German version, the version for Denmark, and the version for Italy).  The US version, on the other hand, that I started downloading is only 133 megabytes.

The Australian version is the same name, and size, as the USA version.  The same can be said for the versions for Denmark and Sweden and Finland and Spain.

The 177 meg versions all have unique file names - the 133 meg versions offered for download all have the same file name.

So, the first question is, why is there a 44 megabytes difference in size?  The installer for the Ardamax Keylogger is nowhere near that size.

It will be interesting to see the install test results for the two versions, once they finally finish downloading - they are coming down SLOWLY…..

 

Makes me wonder what else might be in the .exe Sandi???…some folks (like Sandi and Tom) are running the bloated binary through the wringer so maybe we will have some MD5 checksums and the like to examine. Bill Pytlovany underscores why this is a big deal (if it proves to be true) and why malware and spyware fighting is a never ending and rather frustrating business.

It’s always a pleasure to meet other security minded people but it’s troubling when it’s related to a new threat for our kids. My grandson Tristan went to the movies to see Disney’s new Wall-E and so did my new security friend who has the blog “Timeless Journeys”.

Kids…going to see a Disney movie and getting something nasty in the process from a game- and traffic analysis shows the canonical domains are hopping after the movie release…

I have seen it too many times to know what reality can be. e.g. Google Blogspot JS header injection or garbage like yapbrowser (another blast from the past.). I still hope it is a false positive- which will also be curious as I am sure neither Disney nor Pixar want to be associated with spyware…I hope.

disney keyloggers pixar Security spyware trojans wall e

Popularity: 5% [?]

Share This

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Related Links


Close
E-mail It