[10307] in bugtraq
Go!Zilla, possible trojan
daemon@ATHENA.MIT.EDU (GossiTheDog)
Wed Apr 21 20:27:30 1999
Date: Tue, 20 Apr 1999 21:35:20 GMT
Reply-To: GossiTheDog <gossi@EIDOSNET.CO.UK>
From: GossiTheDog <gossi@EIDOSNET.CO.UK>
To: BUGTRAQ@NETSPACE.ORG
I'm a little concerned about a program called Go!Zilla (a Windows 9x
Internet download manager) - basically upon detecting network
connections it appears to send about 2-4k of data to a remote machine
on port 1975.
There appears to be no reference to this made in the documentation,
and I'm a little concerned about what it is actually sending to the
server (and also what is being logged at the server end).
Anybody want to pull Go!Zilla apart or run a network sniffer and see
what it's doing?
I might just be jumping to conclusions, but with what happened with
ProMail I don't think we can afford to have another trojan available
on all the big download sites...
Regards,
-----------------------------------------------------
[Name] GossiTheDog
[Email] gossi@eidosnet.co.uk
[Telephone] (+44) 0702 09 353 08
[Web Site] http://www.spleen.ukgateway.net
[PGP Key] http://www.spleen.ukgateway.net/gossi.asc
-----------------------------------------------------
