EVE Central Market Upload Utility Trojan Keylogger Warning

Please see the update at the bottom of this article. I no longer suspect EVE Central or it's Market Uploader utility of any wrongdoing here.

So a friend of mine found that around a £1000 of money had been siphoned from his bank account recently (all in bank transfers of under £150). After talking to the bank about he found that the attacker had got into his bank account using the web login.

The question then became, how did they get his password? Like me, he works in IT so is pretty savvy about security generally, so had no idea how anyone could have got a keylogger onto either his home or work PC.

After much searching around he finally found this blog post a Mule in EvE: Learn and live to fight again that pointed to the fact that someone else had found a Trojan keylogger (a piece of malicious software similar to a virus that logs all of your typing and sends it to someone else on the internet) hidden inside the popular Market Upload utility from EVE Central. This is a popular tool that allows players of the game EVE Online to upload data about the ingame market place to a website where analysis can be run.

He rang me to let me know (as I also play EVE and have this tool installed), and sure enough a "deep scan" by Sunbelt Software's VIPRE Antivirus found the following trojan on my PC: Trojan-Spy.Win32.KeyLogger.acm, hidden in the "evec_upload.exe" file in the "EVE-Central MarketUploader".

Not good news, so one removal, uninstall and a few hours changing passwords later, here we are warning the rest of the public about this. As EVE-Central doesn't have any kind of public forum to post in, I'm putting this up here whilst I mail the developers for comment.

Please note that I am not blaming the EVE-Central developers here at all, I have no idea whether they are simply the victims of being unwittingly hacked themselves, or whether they are doing this deliberately. Also there is the possibility that this could be a false alarm and something in the way the Market Uploader was written is accidentally triggering a false warning in the anti virus software.

I am also most definitely not blaming CCP or EVE Online. CCP have made a great game that many, many people enjoy every day, and neither myself or EVE-Central are affiliated with them.

Update 20/8/08: Having carried out further investigation and emailed back and forth with Yann of Eve-Central it seems that we were too hasty assigning blame here. I no longer suspect EVE Central or it's Market Uploader utility of any wrongdoing here. I'm sorry for any misunderstanding or distress that could have been caused by this.

An up to date version of the VIPRE Antivirus doesn't pick up the "EVE-Central.com MarketUploader" as any kind of malware (or 'bad' software) at all.

From Yann:

I've been distributing the same package file since mid 2007. Its been at some time been listed as a Trojan all these major AV products, but detection had improved so the false positives were eliminated within a few update cycles.

It seems that some fairly old virus was written by someone using the same software that Yanne used to create the Market Uploader. This means that it has ended up looking slightly similar to an old virus, and has been at one time flagged up by many of the major anti-virus products, and then cleared again a few updates later as they fine-tune their virus detection.

This is a bit like if I used the same powerdrill to put up my shelves, as some serial killer used to do nasty stuff to people. Just because we both used the same tool, and both used it to drill holes, doesn't mean that I had anything like the same intention or outcome as the murderer.

Hmm tortuous analogy!

Open Parliament

Dad's organization (OFE) are organizing a petition to convince the European Parliament Government to change their IT systems over to using open standards.

Head over to www.openparliament.eu to sign up and show your support

Citizens and stakeholder groups should not have to use the software of a single company in order to communicate with their elected officials or participate in the legislative process.

All companies should be given the chance to compete freely for contracts to supply ICT services to the European Parliament.

I am a citizen of the EU, and I want the European Parliament to adopt the use of open standards and to promote interoperability in the ICT sector.

We believe that the current situation, where the European Parliament’s ICT runs on proprietary software that is not interoperable with that of other vendors, where therefore citizens and stakeholder groups wishing to participate in the legislative process are forced to use the products of a single company, is in conflict with the first article of Chapter 1 in the Treaty of the European Union. An example of this is the live Web streaming from the European Parliament's plenary sessions – aimed at improving communication with citizens and insight into democratic processes – which will only work with Windows Media Player.

Go on, head over and sign the petition.

EveBerry

This post's been sitting in my queue for a while, sorry!

Vlad (of Mozilla and Firefox fame) posted to the EVE-Online fourms a while ago about his new EveBerry tool, that can be downloaded here: EveBerry -- a BlackBerry EVE Character Monitor:.

It's similar to EVEMon and market monitoring apps, but for your Blackberry smartphone (assuming you have one, I do) and is very, very cool and very, very useful.

That's all!

I CAN HAS BOTZ

Since my last set of Lol Bots images (featuring Red Dwarf's Kryten, Ghost in the Shell's Tachikoma and Fritz Lang's Maria), the site seemed to go quiet for quite a few months. Luckily over the last few weeks rstevens has grabbed the editorial reins back and posted a slew of new images, including two more of mine.

I started off a little late for Valentine's with Kryten and Camille:

(It really was E5 A9 08 B7, no need to spell it out)

And finally got a bit of my favourite geekery in with 3PO:

(Metal body: 1, Fragile Skin and Bones: 0)

Safari for Windows Update

An update to the previous post: Safari for Windows.

I'd like to say that the Safari 3.01 beta update fixed the problems with my curved borders mentioned in the the previous post, but I probably ought to stick my hand up and admit that uploading the updated CSS file that's been sitting on my hard disk for about 2 months is almost certainly what fixed it! So Safari's new border radius properties do actually work on Windows, and they really do look gorgeous, all anti-aliased and shaded, against Firefox 2's pixellated efforts, or IE 7's non-existent effort :).

However still some quite quirky UI issues:
I'm really not sure I like the way that the Preferences window shrinks and grows every time you change tabs, and the fact that it's all instant apply with no 'OK' or 'Cancel'.
Also the Mac-style window re-sizing is really beginning to wind me up, particularly as the cursor doesn't change to the 'double-headed' resize arrow until after you start dragging in the one place that actually works, so there's absolutely no clue which parts of the UI you can or can't grab to resize until after you click the mouse to try it!
And finally just noticed that clicking the File menu on a non-resized window (with my Classic XP style) gives a really ugly blocky overlap of the window edge.

Safari for Windows

So Apple have just released a beta of the "Safari 3 web browser for Windows!

First impressions are great, all my web sites, and my favourite sites seem to work well, and look beautiful. Text flowing around flowing objects is definitely better than Firefox 2 or IE 7. Text just looks great full stop.

Downsides, its a bit like when Apple first shoved all that brushed chrome theme stuff over Quicktime for Windows, its just not a Windows app at the moment. You can't drag window borders to resize, you can't even drag window corners (except for one in the bottom right). Also if you're using XP with the Classic theme the menus are a bit messed up :).

Just remember to deselect all the stuff-ware that you don't want when you download and install it (the default download bundles Quicktime, and it tries to get you to install some network discovery tool as you install).

Hmmm seems to dislike my curved borders, even though I'd thought that I had the Safari CSS right, guess there's nothing quite like actually testing to find out what happens instead of just crossing your fingers and hoping!

Via Asa and Burnt Electrons.

UPDATE 18/6/07, see the follow-up post.

LOL BOTS for teh w1n!

I never really got the whole captioned (or macro-d) kittens craze, as exemplified at I CAN HAS CHEEZBURGER, maybe its because I'm just not a cat person (the guinea pigs work for me though).

However LOL BOTS is a concept that I can totally get behind. And have. My three submissions to the site (so far) are below:

I started off by injecting a little bit of class into the proceedings:

(I feel that I really ought to apologise to Fritz Lang at this point)

Then a little bit of hungry tachikoma:

(Maybe they really do have a ghost?)

And finally some boyz from the Dwarf:

Smeeee-ee-eeeeh-eeeg heeeeaaad

And almost certainly more to come!

PS Is it just me, or does xkcd have a comic for every occasion?

Good luck Nick!

My little brother, Nick, is currently racing across Europe in the Scumball 3000 European Car Race Rally. Him and three friends have bought a sub £500 Saab car and are spending 4 days racing across at least 5 countries, waking up each morning not knowing where they're driving to that evening.

Good luck to him, I think he'll need it stuck in the same car for days on end, with 3 smelly mates, with not even loo breaks allowed as they're such serious racers!

If anyone wants to track the route they're taking (last seen in Stuttgart last night after starting in England that morning) you can track cars in the race on the official site.

He's racing on behalf of the Winston's Wish charity. Anyone wanting to sponsor him, and why wouldn't you want to? can visit his team's online sponsorship form here.

Youth, Privacy and the Modern World

Okay, I'm not even 30 yet and things have conspired to make me feel old. I thought I was in touch, a real geek and a full part of the internet generation. It turns out that I may be some of that, but I still have one foot in the old world.

I read somewhere recently where a member of the 'older generation' was talking to a 'youngster' about calendars, and the youngster couldn't understand the concept behind having an Outlook calendar saved on your PC:

Why would you want a calendar that no one else can access?

Now, I've had an electronic calendar for about ten years now. Spread across work computers (using Lotus Organizer and then Microsoft Outlook), various models of Palm handheld, two different Blackberrys (what is the plural of Blackberry?), home PCs (Palm Desktop) and online (Google Calendars and Outlook Web Access). Most of these have synchronized back and forwards with each other in various ways creating a long history. Outlook is storing it's calendar on the Exchange server and publishing my free/busy info to the rest of the company, but not the actual appointments. The Google Calendars are shareable, but not shared.

I should be right there with this, but despite my techno-geekery, I am still stuck in the dark ages of having your own calendar that is yours, and yours alone.

Apparently I'm not alone in this, and one of the symptoms is that I don't regularly bare my soul (and other things) on LiveJournal or YouTube. I have two blogs (and have been nearly writing my own blog software for years now, but as you may have noticed, there is very little personal sharing here. I don't have a MySpace page, in fact as far as I can tell its just the new GeoCities (all lurid colours, randomly placed animated pictures and scrolling text). I have a love/hate relationship with my mobile phone (But I don't always want to be contactable!).

I'm very aware of privacy and how 'big brother' is tracking me, I make conscious trade-offs between my privacy and convenience/cash. I don't have any store-cards, but I do have credit cards and an Oyster travel card. I realise that I work in the City that has more cameras per square meter than anywhere else in the world, and I'm sure they have caught an awful lot of pictures of me doing very silly things. I've never had a full-face picture of me as my MSN Messenger picture, yet I've published web pages with multiple pictures of me drunk at parties.

I do have friends that I only know online and I've never met, but they are by far outnumbered by the people I only know in real-life and wouldn't have a clue how to contact them online in any way other than email (generally just a work address).

I used to post to Usenet with my full name, location, web page, email and (later) ICQ IM address. Later on my web page I listed most of the above and had contact links on every page. These days I rarely post to Usenet (although many of my old posts are accessible via Google Groups if you know what you're looking for), I post to forums and blog comments semi-anonymously and although my web page may have my full name, it has pretty much no contact details and the CGI contact form has been disabled after it just became an easy way for spammers to send to me.

I'm cutting off much of my public online presence just as so many are sharing more and more of themselves.

This sums it all up perfectly:

There is another way to look at this shift. Younger people, one could point out, are the only ones for whom it seems to have sunk in that the idea of a truly private life is already an illusion. Every street in New York has a surveillance camera. Each time you swipe your debit card at Duane Reade or use your MetroCard, that transaction is tracked. Your employer owns your e-mails. The NSA owns your phone calls. Your life is being lived in public whether you choose to acknowledge it or not.

So it may be time to consider the possibility that young people who behave as if privacy doesn't exist are actually the sane people, not the insane ones. For someone like me, who grew up sealing my diary with a literal lock, this may be tough to accept. But under current circumstances, a defiant belief in holding things close to your chest might not be high-minded. It might be an artifact -- quaint and naive, like a determined faith that virginity keeps ladies pure. Or at least that might be true for someone who has grown up ":putting themselves out there": and found that the benefits of being transparent make the risks worth it. [...]

For anyone over 30, this may be pretty hard to take. Perhaps you smell brimstone in the air, the sense of a devil's bargain: Is this what happens when we are all, eternally, onstage? It's not as if those fifties squares griping about Elvis were wrong, after all. As Clay Shirky points out, ":All that stuff the elders said about rock and roll? They pretty much nailed it. Miscegenation, teenagers running wild, the end of marriage!": [...]

Right now the big question for anyone of my generation seems to be, endlessly, "Why would anyone do that?" This is not a meaningful question for a 16-year-old. The benefits are obvious: The public life is fun. It’s creative. It’s where their friends are. It’s theater, but it’s also community: In this linked, logged world, you have a place to think out loud and be listened to, to meet strangers and go deeper with friends. And, yes, there are all sorts of crappy side effects: the passive-aggressive drama ("you know who you are!"), the shaming outbursts, the chill a person can feel in cyberspace on a particularly bad day. There are lousy side effects of most social changes (see feminism, democracy, the creation of the interstate highway system).

From: Kids, the Internet, and the End of Privacy: The Greatest Generation Gap Since Rock and Roll -- New York Magazine. Via JWZ.

But maybe the problem is that at heart I'm just a bit too schizophrenic about this, I really have got one foot in each camp. I just feel like at times I'm both people in XKCD's "Dreams":

ServiceCenter/Firefox Printing Redux

Some may remember this post from back in July when I was having trouble printing from a web app after upgrading from Firefox 1.0x to Firefox 1.5. Wherein I laid out a way to fix the problem using a custom usercontent.css file, and also logged a bug on the Mozilla Bugzilla system.

Well it looks like its come to an end! Not with today's Firefox 2.0.0.1 update, as you might imagine. But the latest 'Minefield' (Firefox 3 alpha) builds have the new "reflow" changes (from Dbaron's bug 30030) in them.

And it works!!

So now we just need to wait for Firefox 3's release and the whole world can feel the love!