Microsoft: Software activation key generator malware surging

[visualbuffs]

As they do every six months or so, Microsoft today has released a new Security Intelligence Report, which attempts to go over the state of PC security worldwide. Microsoft decided to highlight one part of the report, concerning the rise of malware that are linked with software activation key generators.

In a post on the Microsoft Security blog, the company said:

In the first six months of 2012, the threat family Win32/Keygen, representing software activation key generators, was detected nearly five million times. Keygen detections have increased by a factor of 26 since the first half of 2010 and today Keygen is the number one consumer threat family worldwide, rising above other prevalent threat families like Pornpop, Blacole, Conficker and FakePAV.

The pie charts above show how much impact Win32/Keygen has had in a number of countries, including the US. Microsoft points out that while key generators themselves are technically not malware, they are frequently tied into actual malware programs.

Microsoft says, "According to the report, more than 76% (that’s approximately 3.8 million of the 5 million aforementioned Keygen detections) of computers reporting Keygen detections in the first half of 2012 also reported detections of other malware families."

Source: Microsoft Security blog | Image via Microsoft

[DKT27]

(Aimed at NeoWin - Original Source) This is the most bullshit news I've ever seen. Any sane person can see that KeyGen, Patch, Wpakill are NOT malware. Crappy propaganda by M$ and even more crappy news story by MS slave NeoWin. -_-

[GRiM]

lmao, This has to be one of the most blatant attempts at propaganda/scaremongering from a software company I have seen in a long while. What utter bullshit!

1. 99.9% of keygens are NOT malware.

2. A high number of so called "detections" are down to majority of users been n00bs and installing shitty AV's like AVG etc that give FP after FP.

[visualbuffs]

yahhh!! almost 2 out of 100 keygen are malware

[x3r0]

I hate to admit but these days a lots of untrusted warez sources "repack" legit keygen/patch/or even installer, wrapped them hard so it's hard to unpacked/recover to original states. I've seen some kind of these. Few days ago I was looking for Torchlight 2 Update from THETA, then I got it from a uploader which upload it in resumable filehost, then I realize the site states the update is around 50MB but the patch I got is around 100MB! I tried to analyze it but damn, it's packed with somekind of .NET (ProtectionID's result, strange) packing mechanism. So my last chance is to fire it up inside a VM, then grabbed the original files if I found it. Fortunately, I found it inside my VM %temp%, and it is around 50MB! I don't know what else it does to my VM, but I'm glad the original file is untouched. But there's more...

But the most thing I hate is sites which wrapped download links inside Ady.ly/Filebucks, if I'm lucky the file is still intact - a little s**ty money for them. Then after download (spend bandwidth on it) it, still need to fill s**ty survey to unlock password of the f**king archives! Curse them! It's not their own creation/softwares/ebook, they didn't release/make the fixes themselves, but hoping getting some f**king money from it! I know I should seek another trusted source, but hell, it takes a lots of time.

[calguyhunk]

LOL! The security companies get these reports from users who install their Av/security software without turning off the default "Send detection reports to server". Then they don't bother to add their warez etc. to the exclusion list either. Of course there are a lot of cr@p floating around. But they'll be reported as Trojan Dropper/Worm or something more often than not. Not Keygen, AppPatcher, etc. :lmao: Then they come back complaining that nsanedown is hosting malware or something! :nono:

To whosoever it may concern - Please give the warez sites a pass - especially if you think every "Red Alet" from your AV is danger! D/L only from nsane or VIP/Trusted/Helper/Staff members on Pirate Bay. You can do so almost with your eyes closed - Though keeping them open is a good idea always :P Disable your AV before the download. Add the file and the process to the exclusion list before opening the file ;)

As you go along you'll get a hang of who all to trust and who not to ;)

And for crying out loud, you deserve to get infected if you wanna download smilies or animated wallpapers! :o Or watch naked Maria Sharapova pics 'cuz somebody unknown send you the attachment through E-mail

[GRiM]

Few days ago I was looking for Torchlight 2 Update from THETA,

Well thats what you get when you get fake/repacked crap. Why didnt you just get the actual scene release instead???

"Torchlight.II.Update.1-RELOADED" or "Torchlight.II.Update.2-RELOADED"

PS. And from a trusted source and not some random link from a n00b.

[NOP-X4]

But the most thing I hate is sites which wrapped download links inside Ady.ly/Filebucks, if I'm lucky the file is still intact - a little s**ty money for them. Then after download (spend bandwidth on it) it, still need to fill s**ty survey to unlock password of the f**king archives!

Very True.

But links wrapped inside Ady.ly and others can be bypassed easily using scripts.

[x3r0]

Few days ago I was looking for Torchlight 2 Update from THETA,

Well thats what you get when you get fake/repacked crap. Why didnt you just get the actual scene release instead??? "Torchlight.II.Update.1-RELOADED" or "Torchlight.II.Update.2-RELOADED" PS. And from a trusted source and not some random link from a n00b.

Yes I know THETA is P2P group not scene unlike Reloaded, but it doesn't mean they're not good. If you have limited bandwidth like I am, Reloaded 600mb is not a good solution, while THETA offering smaller one. Reloaded's patch is to replace most of the game files while THETA's approach is to patch some files with diff files using xdelta3, so their patch can be smaller than Reloaded.

Anyway, back again to the topic everyone...

[David]

Im a simple computer user and im not stupid Microsoft... lower your prices and stop saying bad about keygens lol

i am almost sure that your employes in home use keygens for other programs and they have money to buy it so...