OpenBCM V1.07b12 (Linux)

Packet Radio Mailbox

IW8PGT

[Mendicino(CS)-Italy]

 Login: GUEST





  
PE1RRR > ALL      17.02.23 01:00l 70 Lines 2153 Bytes #999 (0) @ WW
BID : 9500-PE1RRR
Read: GUEST
Subj: Re: Virus in programming software?
Path: IW8PGT<LU4ECL<LU9DCE<W0ARP<N3HYM<IV3BVK<PE1RRR
Sent: 230216/2053Z @:PE1RRR.#NBW.NLD.EURO #:9500 [Rijen] $:9500-PE1RRR
From: PE1RRR@PE1RRR.#NBW.NLD.EURO
To  : ALL@WW


Wow Misko!

I would never disable AV software if it was already replicating on
the thumbdrive. That is massively suspicious. Keep the file for
reporting purposes, you know the process. Maybe it is possible to
send the software to an analyser that runs the virus in a sandbox to find
out what it does.

"file forensics sandbox" google keywords.

https://www.joesandbox.com/#windows

Maybe possible online?

73 GL
Red


On Thu, 16 Feb 2023 17:40:00 +0100
YT7MPB (Misko) <YT7MPB@YT7MPB.#NSD.SRB.EU> wrote:

> Path: !W9GM!N3HYM!YT7MPB!
>
>
> Hi all,
>
> I have recently asked the Chinese company Chierda (the producer of
> handheld radio stations) to send me their programming software so I
> could adapt some of their products to our domestic radio regulations.
> (As the software was not readily available trough their website, I
> asked them for a link to it.)
>
> In response I was instructed to download the software
> through this link: https://we.tl/t-oZVSyiE6RJ=20
>
> (As you might have noticed, I repeat my mail of Date: Sun, 12 Feb 23
> 13:47:20 Z and noticed that the questioned file is not there anymore.)
>
> After getting the .rar archive and opening it, I was warned by the
> antivirus protection that the package was infected by a malicious
> content. In the same time, I noticed that the thumb drive I was using
> for download started to be filled with short .pif and .exe files
> generated every 3-5 seconds. Obviously something was replicating there.
>
> I managed to remove the nasty payload from both the thumb drive and an
> another one that I used as a clean media for control. Then I contacted
> Chierda again and complained about the incident. They responded:
>
> Uh it's normal, pls turn off all antivirus software and try
> agian :D
>
> It makes me wonder if you had similar experience with programming
> software (or any other software) provided by electronics manufacturers.
> And your opinion about turning off the antivirus protection to solve
> issues with factory-made software.
>
> --
> 73 de Misko YT7MPB@YU7BPQ.#NSD.SRB.EU
>
>


--
PE1RRR <PE1RRR@PE1RRR.#NBW.NLD.EURO>



Read previous mail | Read next mail

 11.05.2024 06:35:21lGo back Go up