- This topic has 7 replies, 7 voices, and was last updated 20 years, 10 months ago by
.
-
Posts
-
I know that this is probably the wrong forum, but I’m posting it here since most IM users use AIM.
—-
There are many programs designed to improve the IM experience, but sadly, there are also losers out there bent on stealing people’s accounts with fake add-ons.Of course, you can scan programs, but some keyloggers are planted in programs so well that they cannot be detected by scanners. Also, a virus scanner will not pick up code built into a program that will send your password to a malicious user.
So, if you downloaded an add-on or an alternate client and you’re not sure whether it’s safe, and you don’t want to create an alternate account, here’s what to do.
Of course, you can try to decompile the program to see if it has any password stealing functions, but not all programs can be readily decompiled, and not everyone knows assembly/disassembling.
—-
You will need to download a packet sniffer – I prefer WPE Pro.
http://www.phuzion.com/?p=downloads&id=10
Some virus scanners might think it’s a virus, but as far as I know, it is not. If the download does not work, save it to disk and open it with WinRAR.
—-
First, load the IM add-on and WPE Pro. In WPE Pro, go to “Target Program” and select the IM add-on you plan to use. Start logging the packets with the “play” button, and sign on using the IM client. Stop the logging.
You should see the packets sent and received. You might not see your password in plain-text anywhere, but you can still look for suspicious IPs that the program has sent any packets to.
Please correct me if I made any mistakes.
– Danny
yea but the thing is that if it is sending something wouldnt it send anyway or would that program stop it sending the information?
When using Zone Alarm, doesn’t it block the connection but also tell you what place the connection was attempting to connect to?
ys8er2323 wrote:yea but the thing is that if it is sending something wouldnt it send anyway or would that program stop it sending the information?The information would send anyway.
Someguy03 wrote:When using Zone Alarm, doesn’t it block the connection but also tell you what place the connection was attempting to connect to?Correct – same with NIS.
Also, the users that are more likely to get their password stolen are the ones that are novice users, who could not figure this type of software out.
ok how do we know your not a “loser” trying to click the link… into a hacking thing taht gets the pass?
grant6 wrote:ok how do we know your not a “loser” trying to click the link… into a hacking thing taht gets the pass?Because WPE Pro is a very popular application. Please do a little research before you ask things like that, or just don’t click the link.
Lol told.
Once you have the address that the ‘add-on’ is trying to connect to, you can easily do a ‘whois’ on a website to find information such as ISP. Normally the information comes with a abuse information. If you notice harm being done to your computer, you could report them here 🙂This is taking measures to the extreme, but, some people do need it 🙂
- You must be logged in to reply to this topic.