понедельник, 31 января 2011 г.

Lol happens

Recieved by vxheavens staff

from Roman Rybalov
sender time Sent at 10:34 (GMT+03:00). Current time there: 11:46.
to "webmaster@vx.netlux.org"
date 31 January 2011 10:34
subject Infringement Notice from Kaspersky

Dear Sir/Madam,

Kaspersky is the owner of the well-known trademark and trade name Kaspersky. As you are no doubt aware, Kaspersky, is a trademark used to identify products, services, activities and events related to Kaspersky.

The trademarks, emblems, words and phrases of Kaspersky are exclusively used by Kaspersky and any other use by a third party constitutes trademark infringement.

In connection to Kaspersky proprietary rights over its famous trademark we are notifying you of the following:

It has come to our attention that our trademark Kaspersky appears as a metatag, keyword, visible or hidden text on the web site(s) located at: http://vx.netlux.org/....7z

without having obtained prior written authorization from our Client. This practice infringes upon the exclusive intellectual property rights of Kaspersky.

Also, by using such trademark, you have intentionally attempted to attract Internet users to your web site(s) or other online location(s), by creating a likelihood of confusion with the Kaspersky’s trademark as to the source, sponsorship, affiliation, or endorsement of your web site(s), online location(s), products or services.

We trust that you will remove all metatags, keywords, visible or hidden texts including trademark presently appearing on the above-cited web site(s) and any other web site(s), or draw this issue to the attention of the appropriate person(s).

As part of our Kaspersky Trademark Enforcement Program, be assured that we will continue to monitor your web site(s) to verify your compliance with this letter. Failure to do so will force us to defer this issue to our Trademark Lawyer for further actions.

Should you require additional information or wish to further discuss this issue, please do not hesitate to contact the undersigned.

Best regards,

Roman Rybalov

+7(495) 797-8700 ext.2913


The response

Dear Roman,

Hello and thank you for contacting us!

We have forwarded your mail to the designated employee, who would
investigate and track this issue and keep you noticed on his decisions
on the issue right after he came back to Earth from the state of heavy
narcotic intoxication. However, we have no such employee, most likely
he would be using if he had to respond such mails daily.

As far as I can see the URL in question is a binary file which has no
tags, keywords or hidden text asssociated with it on our site.
Frankly, it cannot be read at all. I tried to open it and all I see is
a garbage (I would like to make a short excerpt from the file in
question, to prove my words):

7z<BC><AF>'^\^@^C`:<91><EF>̺<AD>^K^@^@^@^@(^@^@^@^@^@^@^@4^BBn<A9>^E^A<E9>^H<D4><F8>Ub<CD>/<F5>^Y2]`<E1><9D>l<DF><FF><84>L^T<F1>>!<FC>^@^At.^?<F5><83>l5^PiXs<CA>=<BC><C8><C0>I;<D7><F4><C0><AF><91><DC>^VESC^@<C7><E2><U+0515>^^^Z^F<90>P^U<EC>^Q<C2>^{<91>6^B<91><D7>_^T^G+#-<E0>N<B8><CD>^HF^O9<FF><DC><CC>/z<E1&t;$^DV^S*<89><F1><8A>/D<C1><FB>i}aB<A1>^G<EF><A4>K<B7>.'⣓<D7>`<97>^\=<98><D5>3=<8D>Y<A8><B8>DF:<A4><88>J<D0>V<C0>p*<B0>S<94>(D21~<80><B4><CF><U+05C8><U+051A>c<E1><A4>~<AA><BD><D5><FE><FB><9E>i@^F<9D>2<D7>):<C4>W`<E1>^^<AB>?-<96>/<DF><E0>^N<95><80>*^E<E0>1f~<BA><9D><C2>>^E<B2><F2>Ўue<DD><E2><A1>,f<B9><DE><DE>Dk<B9><C9>m^BK<FC>W<A4><A4>M^M<9B>^D<B9>WB#uΘ<B9><AA><E5><80>b<84><E1>&à^m<E1><F2>W<83><87><F>z<85>II<EC>wj1Jw^N`3r<E9><F5>9^Qb<9C>ESCrW!<A5&t;^WF7<E6>L~e<BC>O}<8E><E6><E0>^S<F8><AD><D3>a.<C0><F5><A1><E4>C/ҿ<90>B<E5>=<96>g<FC><B9>7t<A9>(<E5><F3>1<F7>7<C5>l<8A&;[^Bk*w籩<A8><F9><FB>'<CE>l^Pgx<F9><F3>践<<FA>i<95><85>T<F7><DA>^_<F6>v<D7><E8>^GZ]<C2><D7>m^F/?!i<90>A^T<D0>Y<E7><C9>R<DF>^H)^C<B8><A2>YM^Zy^V^^o<8D>`<A0>^ZV<EC><FB>M<BC><F5>{^]<ED>*k<B7>|<F5><F6><9D><AA><FF>9<DE>ESC<91><8A><DB><DC>.<B6>Vw<C2><D9><EB>^L홁<AA><E9>^V<CD><F4><CA><D1>^X$ŏq<D2><D6><E8>z<84>(I<CC>m<AD>v--^]om^\<E4>^_P<AA>3<BB>^L<A6>ڍZ<FA><F2><91>Gh<A9>^A^Z<DD>ƲB<95><E0>

I cannot see any mentions of yours (and any other trademark) in this.
May be, this hierogliph 籩 means "Kaspersky" in chinese? Or that - 践 ?
Could you provide us with some more details?

We would like to help you and put our best efforts to remove the
materials that infringing your trademark.

Thank you very much and feel free to contact us at any time!


http://forum.vxheavens.com/viewtopic.php?pid=4238#p4238

пятница, 31 декабря 2010 г.

пятница, 3 декабря 2010 г.

Kaspersky Key Exploit 0.534 fix 3

ENG:
I was busy a bit all this time but here i am :P Do u wanna test the new exploit version ? Here u r. Several fixes were done, added support of the new 2011 builds.

RUS:
А вот и я. Имел место быть поиметым отсутствием времени :P Наконец-то руки дошли и до эксплоита. Выкладываю в массы тестовую версию 0.534f3 (он же фикс 3 и он же бритое очко). Добавлена поддержка новых билдов 2011, подправлены некоторые мелочи.

DL: (password is elcrabe.blogspot.com)
http://www.multiupload.com/OQA4XN2AGT

понедельник, 25 октября 2010 г.

Cry me a river ~~~~~

Nod popup at Kasperky conference

среда, 15 сентября 2010 г.

Kaspersky Key Exploit 0.53

RUS: А вот и эксплоит, поддерживающий патч "B" 2011 версии антивируса. Также добавил новые линки на скачку.
ENG:
Here are new links to key exploit 0.53 Old links are currently n/a
Download:
http://www.multiupload.com/HDLHLPOXUB
http://mirrorafile.com/files/KX1LEFCY/KasperskyKeyExploit_0.53_Pub_with_keys.zip
http://file-upload.ru/4100
http://www.massmirror.com/d60fde073a5fb11adbbfeefac5fc0106.html
http://www.mirorii.com/fichier/62/318792/KasperskyKeyExploit_0-53_Pub_with_keys1-zip.html
http://g.zhubajie.com/urllink.php?id=9949332ruwtjmdugjytx2qy
http://www.sendspace.com/file/cbses4
http://www.xlpar.com/fkc5k7xk7run/KasperskyKeyExploit_0.53_Pub_with_keys.zip.html
http://www.mlfat4arab.com/k487prd72v7d/KasperskyKeyExploit_0.53_Pub_with_keys.zip.html

Password:
elcrabe.blogspot.com

вторник, 14 сентября 2010 г.

Привет, Хабра !

На днях я решил поделиться с ЛК одной из нескольких уязвимостей эмулятора в 2010 и 2011 версий Касперского. Было принято решение дать огласку данной уязвимости и по совету gjf я отправил статью на хабру =)
Встречайте сабж:
http://habrahabr.ru/blogs/infosecurity/104206
И меня в придачу:
http://ElCrabe.habrahabr.ru