Results 1 to 6 of 6
  1. #1
    VoidMaster
    Join Date
    Dec 2004
    Posts
    6,050

    Default The Golden Tax Department and the Emergence of GoldenSpy Malware

    https://www.trustwave.com/en-us/reso...enspy-malware/

    GoldenSpy installs two identical versions of itself, both as persistent autostart services. If either stops running, it will respawn its counterpart. Furthermore, it utilizes an exeprotector module that monitors for the deletion of either iteration of itself. If deleted, it will download and execute a new version. Effectively, this triple-layer protection makes it exceedingly difficult to remove this file from an infected system.
    It's not the least charm of a theory that it is refutable. The hundred-times-refuted theory of "free will" owes its persistence to this charm alone; some one is always appearing who feels himself strong enough to refute it - Friedrich Nietzsche

  2. #2
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    With Kim-Jong-Mum
    Posts
    2,355

    Default Re: The Golden Tax Department and the Emergence of GoldenSpy Malware

    They have some clever coders.
    Still, unless you are a company doing business in China, need not worry....

    Wonder if it runs on Linux.
    Ex-pctek

  3. #3
    VoidMaster
    Join Date
    Dec 2004
    Posts
    6,050

    Default Re: The Golden Tax Department and the Emergence of GoldenSpy Malware

    My Huawei Modem has a direct link to Huawei in Wuhan in the FTP setup, check it out yours probably has it as well.

    Use Filezilla to connect to the FTP on the modem with a usb flashdrive plugged in.

    I think it was calling up my Firefox passwords before I switched off the ftp on the modem setup.
    It's not the least charm of a theory that it is refutable. The hundred-times-refuted theory of "free will" owes its persistence to this charm alone; some one is always appearing who feels himself strong enough to refute it - Friedrich Nietzsche

  4. #4
    Senior Member piroska's Avatar
    Join Date
    Dec 2017
    Location
    With Kim-Jong-Mum
    Posts
    2,355

    Default Re: The Golden Tax Department and the Emergence of GoldenSpy Malware

    Quote Originally Posted by zqwerty View Post
    My Huawei Modem has a direct link to Huawei in Wuhan in the FTP setup, check it out yours probably has it as well.

    Where do I find that? Can't see anything...
    Ex-pctek

  5. #5
    VoidMaster
    Join Date
    Dec 2004
    Posts
    6,050

    Default Re: The Golden Tax Department and the Emergence of GoldenSpy Malware

    Put the usb drive in the modem, then go into the modem and setup ftp to use the usb drive as storage, then use Filezilla to access it, I saw what looked to me as Huawei, Wuhan able to access the file share and my Firefox passwords, so I turned ftp off again and used Windows file sharing.

    192.168.1.254 gets you into the modem, the Huawei HG659b Home Gateway User Guide pdf contains the rest of the details on how to setup either method.

    You've done this setup before I'm sure, so look in the modem and you will see the appropriate section there.

    5.2 Connecting a USB Device
    After you connect a USB device to your HG659b, computers or other
    devices connected to the HG659b network can access and share the
    data in or applications provided by the USB device.
    If you connect a USB device to the HG659b, verify that the
    input voltage and current of the USB device does not
    exceed 5 V/0.65 A. Otherwise, the HG659b may
    malfunction.
    You can connect the following USB devices to your HG659b:

    Spark USB Mobile Broadband T-Stick

    USB storage device

    USB printer
    21
    5.3 Content Sharing
    The HG659b supports a home storage function, you can read
    and write files on a storage device and access the removable storage
    device through the HG659b, and configure the HG659b through a FTP
    server or Samba server to access the portable storage device from the
    LAN or Internet.
    5.3.1 Setting the FTP Access Permission
    Accessing to FTP Server Through the User Name and
    Password
    Step 1 Connect the mobile storage device to the HG659b's USB port.
    Step 2 Enable the FTP server, and configure the FTP server settings.
    1. Log in to the web management page.
    2. Choose Share > Storage Share.
    3. In Service Settings, select Enable FTP for FTP server.
    4. Click Save to save the settings.
    Step 3 Set the user name and password of the portable storage
    device
    1. In Username and Password, enter a user name and
    password for the FTP server, and re-enter the password to
    confirm it.
    2. In Directory mode, select Choose directory, and then
    click Choose Directory to choose a file sharing path.
    3. In Privilege, select the desired right.
    4. Select Enable account.
    5. Click Save to save the settings.
    22
    Accessing to FTP server Anonymously
    Step 1 Connect the portable storage device to the HG659b's USB
    port.
    Step 2 Enable the FTP server.
    1. Log in to the web management page.
    2. Choose Share > Storage Share.
    3. In Service Settings, select Enable FTP for FTP server.
    4. Click Save to save the settings.
    Step 3 Enable anonymous users.
    1. In FTP Anonymous Users, select Enable anonymous
    users.
    2. In Directory mode, choose a file sharing path.
    3. In Privilege, select the desired right.
    4. Click Save to save the settings.
    Accessing a USB Storage Device Using FTP
    You can access a USB storage device through the FTP server.
    To access a USB storage device using FTP, connect the USB storage
    device to your HG659b and set the FTP login parameters.
    Step 1 Open a browser on your computer.
    Step 2 In the address box, enter ftp://192.168.1.254. Press
    Enter.
    Step 3 In the Login dialog box, enter the login user name and
    password your set in the HG659b's Storage Share page
    (Anonymous users select the anonymous directly). Click
    Login.
    Once you pass the authentication, the directory of and files in the USB
    storage device will be displayed.
    Last edited by zqwerty; 28-06-2020 at 09:57 AM.
    It's not the least charm of a theory that it is refutable. The hundred-times-refuted theory of "free will" owes its persistence to this charm alone; some one is always appearing who feels himself strong enough to refute it - Friedrich Nietzsche

  6. #6
    VoidMaster
    Join Date
    Dec 2004
    Posts
    6,050

    Default Re: The Golden Tax Department and the Emergence of GoldenSpy Malware

    Here's a link to the relevant manual: https://www.192-168-1-1-ip.co/manuals/8588.pdf

    The part you want is section 5 the FTP server bit. Then access it via Filezilla and you should see what I said, another user based in Wuhan, I think with full access to the file share as well if FTP is turned on.

    The reason I want to file share like this using a flash drive connected to the modem is because it makes it very easy to share files on the network.

    I tried to use FTP after getting into difficulty with the usual method.
    Last edited by zqwerty; 28-06-2020 at 10:36 AM.
    It's not the least charm of a theory that it is refutable. The hundred-times-refuted theory of "free will" owes its persistence to this charm alone; some one is always appearing who feels himself strong enough to refute it - Friedrich Nietzsche

Similar Threads

  1. Corrections Department
    By Roscoe in forum PC World Chat
    Replies: 5
    Last Post: 27-08-2017, 02:59 PM
  2. Futurama Reviews Golden Globe-Nominated Films
    By ubergeek85 in forum PC World Chat
    Replies: 0
    Last Post: 13-01-2011, 12:24 PM
  3. Another Golden Oldie Hitting 70.
    By Trev in forum PC World Chat
    Replies: 11
    Last Post: 25-10-2010, 10:24 AM
  4. Emergence boot disk in XP?
    By Vince in forum PressF1
    Replies: 2
    Last Post: 26-09-2004, 08:51 AM
  5. Who wants a Golden Orb??
    By in forum PressF1
    Replies: 0
    Last Post: 29-09-2000, 06:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •