Malware in Strawberry Perl v5.10.1.2

Discussion in 'Perl Misc' started by David, Nov 4, 2010.

  1. David

    David Guest

    On 2010-07-24 I uninstalled ActiveState Perl and installed Strawberry
    Perl v5.10.1.2, largely on the strength of the webpage's implied
    indorsement by Larry Wall: "When I'm on Windows, I use Strawberry
    Perl." I hope you don't really use this implementation, Larry, because
    a couple weeks after the install I got a call from American Express
    about several bogus charges to my card--including a $1 charge by a
    site called strawberry.com (not strawberryperl.com, the site from
    which I downloaded the product). $1 charges seem to be the preferred
    method used by scammers to test a card's validity: if the small charge
    goes through, these dudes pounce and run it up to the max in an hour
    or so. Amex is wise to the trick so they immediately cancelled the
    card and sent me a new one with a different number.

    I ran ZoneAlarm against the installation and it found bad boys called
    Worm.Win32.c* in both xmlcatalog.exe and \bin\dmake.exe. Naturally
    when I installed the product I didn't think too much about giving it
    'Net access for auto-update purposes, which probably explains how it
    was able to grab a credit card number and call home without detection.

    *Don't use this product!* I've gone back to ActiveState and I intent
    to stay with it.
     
    David, Nov 4, 2010
    #1
    1. Advertising

  2. David

    Uri Guttman Guest

    >>>>> "D" == David <> writes:

    D> On 2010-07-24 I uninstalled ActiveState Perl and installed Strawberry
    D> Perl v5.10.1.2, largely on the strength of the webpage's implied
    D> indorsement by Larry Wall: "When I'm on Windows, I use Strawberry
    D> Perl." I hope you don't really use this implementation, Larry, because
    D> a couple weeks after the install I got a call from American Express
    D> about several bogus charges to my card--including a $1 charge by a
    D> site called strawberry.com (not strawberryperl.com, the site from
    D> which I downloaded the product). $1 charges seem to be the preferred
    D> method used by scammers to test a card's validity: if the small charge
    D> goes through, these dudes pounce and run it up to the max in an hour
    D> or so. Amex is wise to the trick so they immediately cancelled the
    D> card and sent me a new one with a different number.

    D> I ran ZoneAlarm against the installation and it found bad boys called
    D> Worm.Win32.c* in both xmlcatalog.exe and \bin\dmake.exe. Naturally
    D> when I installed the product I didn't think too much about giving it
    D> 'Net access for auto-update purposes, which probably explains how it
    D> was able to grab a credit card number and call home without detection.

    D> *Don't use this product!* I've gone back to ActiveState and I intent
    D> to stay with it.

    this makes no sense. i know the strawberry perl people and they don't
    put malware in there. you must have downloaded it from an infected site
    or did something else wrong. your issue, not theirs.

    uri

    --
    Uri Guttman ------ -------- http://www.sysarch.com --
    ----- Perl Code Review , Architecture, Development, Training, Support ------
    --------- Gourmet Hot Cocoa Mix ---- http://bestfriendscocoa.com ---------
     
    Uri Guttman, Nov 4, 2010
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nospam
    Replies:
    0
    Views:
    152
    Nospam
    Mar 19, 2008
  2. whitesmith

    Malware in Strawberry Perl v5.10.1.2

    whitesmith, Nov 4, 2010, in forum: Perl Misc
    Replies:
    4
    Views:
    210
  3. Dilbert
    Replies:
    0
    Views:
    851
    Dilbert
    Nov 10, 2011
  4. Replies:
    0
    Views:
    435
  5. removeps groups
    Replies:
    3
    Views:
    413
    Rainer Weikusat
    Sep 13, 2012
Loading...

Share This Page