Log in

View Full Version : Fake crackme on crackmes.de?

TiGa
August 15th, 2007, 08:38
Hi,

There is a weird crackme on crackmes.de supposedly a prank made by somebody else impersonating Anasazi.

It tries copy a file called Skillz.exe to the %windir% and %program% [sic] directories. I'm always suspicious of anything ending with a 'z'. Then some kind of keylogger (SuperSkillz Beta???) is loaded and tries to send fake keyboard inputs.

I might be only paranoid but this seems highly suspicious.

http://www.crackmes.de/users/anasazi/superserialme/

It may be nothing but somebody else might want to check it out.

TiGa
fr33ke
August 15th, 2007, 09:22
Here are some quotes from ARTeam forum (http://forums.accessroot.com/?showtopic=5951):
Quote:
[Originally Posted by Anasazi]Too dangerous, DO NOT USE AT ANY COST! [ It was "bugged", started as a prank but it turned out to be devastating ]

Quote:
[Originally Posted by Anasazi]Hey, I didn't upload it, well it was from my account but not by me personally. Devastating means that it hangs up the system.

Draw your own conclusions.
Silkut
August 16th, 2007, 03:43
Zairon seems to be contacted.
evilcry
August 16th, 2007, 10:13
Crackme was suddenly removed
nchanta
August 16th, 2007, 21:03
What kind of *idiot* uploads a piece of crappy malware as a crackme: a no-holds-barred target to reverse engineers world wide...
Woodmann
August 16th, 2007, 21:14
Howdy,

Nice to see you nchanta.

It seems rather obvious that someone has targeted the RCE community
to try his/her SKILLZ out.

I am sure it will be "broken" quite soon.

Woodmann
LLXX
August 16th, 2007, 21:44
Could be intended to screw over the "n00bs" so they don't ever do RCE again... or something like that.

Am I not the first to notice crackmes.de site logo looks like the Commodore logo slightly changed?
nchanta
August 16th, 2007, 22:15
Unfortunately I don't think the author had any higher motives than "he he he he he he he he i'll steal password heh he heh heh heh".

Nice to see you to woodmann I didn't realise there was a Malware forum now, i'll attempt to check in here more often...
fr33ke
August 17th, 2007, 15:42
Just to be complete, here is Anasazi's full explanation (again from the ARTeam thread):
Quote:
[Originally Posted by Anasazi]A'right, I'll tell you the story, first of I was overnighting at my cousins place, at 5 o clock in the morning I got this superidéa;
- Make an msn bruteforcer/selfkeygen using an system I coded.
First of in the morning I coded it, a little bugged but it seemed to work bitwhile (didn't actually break any passwords but the system worked), I got bored and turned it into an num/scroll/caps flashin prank, worked aswell. Then I just moded the code to randomly simulate keypresses on the computer, worked aswell after that I have no idéa what happened. The serialme?
- No clue where it came from.
Why upload?
- No clue who or why.

I'm telling the truth?
- Yeah, and it's up to you weather to accept or deny it.

Delete the thread?
- No, but lock it.
LLXX
August 17th, 2007, 19:27
Quote:
Why upload?
- No clue who or why.
How irresponsible.
LibX
August 21st, 2007, 11:55
So why did u code that worm that infected millions of system?
Hmm No clue who or why.

Errr.....

Sounds brain dead retarded to me.