Earlier today, we had posted a new article related to: LV2Diag / ObjectiveSuite and other file leaks. The source of this information was named anonymous, but had contacted various PS3 scene sites with the same information about the leak. While the files were legitimate leaks, we were unaware that they were infected with a variant of the trojan: Gen.Variant.Kazy. This trojan was not picked by the various devs firewalls (including my own), and only a handful of AV’s do pick it up as seen here. The Trojan was also poorly made, meaning it didn’t quite work as intended and stopped working after a reboot.
We were not anticipating to post the news so quickly, but other scene sites jumped the gun and started to post them early and forced us to also post it. When more information came in from our IRC one of our members detected the trojan packaged with the PS2_mech file. We pulled the news post within the hour after learning about this, only to then witness a series of server attacks causing us to go down for several hours this morning/afternoon.
For those affected:
PS3Hax member Skyline-leo has posted an excellent analysis of the trojan here. The virus was basically an “noob job” and the trojan does NOT turn back “on” when you reboot your PC.
Program /Easy Method:
Manual Method:
Regardless there are no excuses and we deeply apologize for any inconvenience. The same mistake won’t happen again in the future and I will do something in the next few days to make up for it.
Sincerely,
PS3Hax Team
11-17-2011
06:43 PM
Thanks for the clarification
11-17-2011
06:46 PM
So the hack is real but infected with a virus ?
Also could it mean that leakier did not no of the virus ?
Maybe it was put there by the creator as a security measure against leaks.
http://www.virustotal.com/file-scan/...010-1321574188
11-17-2011
06:50 PM
and the plot thickens....
11-17-2011
06:50 PM
I think the most interesting thing here is that the leaked files are indeed genuine then... just unfortunately saddled with a trojan. At least they weren't fake files with a trojan.
11-17-2011
06:51 PM
Good news: Its real.
Bad news: Its infected.
Kinda like ****ing a chick with huge real tits but the catch is shes got VD, Mr. Bill que the 'oh no!!!'.
11-17-2011
06:52 PM
11-17-2011
06:57 PM
11-17-2011
06:57 PM
[MENTION=1]Pirate[/MENTION] i had also posted 2 files that i was given by the same person.
http://www.ps3hax.net/showthread.php?t=30265
http://www.ps3hax.net/showthread.php?t=30268
in those 2 links above. so if anyone downloaded those also i suggest you do the virus scan. [MENTION=136264]senna[/MENTION]x [MENTION=7773]GregoryRasputin[/MENTION] for fixing my posts. and i am also sorry for any trouble i caused.
11-17-2011
07:03 PM
no point to download what u cant use anyways :P
11-17-2011
07:08 PM
The question I have is, can those files be salvaged and reposted? I.e. rip the trojan from them and re-release it.
The tool sounds like it would be useful if it was released without a trojan.
11-17-2011
07:15 PM
that's SAd
11-17-2011
07:15 PM
Heh, which is why you want to be careful not to rush in and download files just cos they are there. Best to wait until you get some confirmation before downloading etc.
11-17-2011
07:20 PM
[MENTION=125372]bigo93[/MENTION] i know this is offtopic but, great signature there mate
11-17-2011
07:27 PM
Free TB domgle and we'll call it even
11-17-2011
07:28 PM
This is what sandboxes were mad for. So can we still use the files to play around with the firmware?
11-17-2011
07:29 PM
There's a program called sandboxie, or if your firewall has a sandbox use that, for those who are advanced and want to try to de-filth the files without compromising your pc
11-17-2011
07:29 PM
yep this is for Dev only if its real,anyway average user don't need this
But i'm surprised something like this happens
11-17-2011
07:30 PM
MAYBE IT WAS SONY, THEY PUT THIS OUT THERE CUZ THEY KNEW ALL THESE PS3 HAX SITES WOULD RELEASE IT AND PEIOPLE WOULD DOWNLOAD IT AND GET INFECTED AND MAYBE EVEN **** UP THEIR PS3'S. ITS A CONSPIRACY MAN!!! DONT TRUST THE GOVMENT MAN!!! THOSE GOD DAM SUMA***** MAN!!! I GOT MY TIN FOIL HAT ON , I DUNNO BOUT YALL!!!
11-17-2011
07:30 PM
11-17-2011
07:37 PM
11-17-2011
07:40 PM
I am still optimistic; hopefully we will see something in the coming weeks.
11-17-2011
07:49 PM
Sh*t happens lol you was quick on taking it down though so no biggie im just glad i let other lemmings try these things first
11-17-2011
07:52 PM
11-17-2011
07:57 PM
I hope that person that created the trojan messes up creating another one and destroying his/her laptop/pc, and poor to the point where they can't buy a new one
11-17-2011
08:02 PM
Well this was the only site that apologize to its members for posting that...
thanks Pirate.
11-17-2011
08:04 PM
IT WAS $ONY-------------AHHHHHHHHHHHHHHHHHHHHHHHH
11-17-2011
08:10 PM
I just woke up and luckily missed all the "gifts". I'm quite astonished that on another site there is no notice to the userbase. Actually people were asking why the news thread was deleted and one user was going to upload the files for other users to have a look at it, unknown to him that it contained a virus. Admin finally said there might be a virus but didnt really emphasize the fact of the`trojan like Pirate has over here.
Thanks Pirate
11-17-2011
08:14 PM
SUGGESTION TO ANYONE TINKERING WITH THIS:
USE SANDBOXIE WHEN DOING YOUR WORK.
It prevents your pc from getting the virus while you can toy around with the leak.
..that's if it's real of course.
11-17-2011
08:17 PM
damm
im on linux and im not installed wine for executuble archives.... too bad if this is a trojan normaly trojans need send information a mail adress look at the exe file or run a virtural machine look at the network connections...
11-17-2011
08:17 PM
only thing I really dislike in this post is that you say you were forced to report it because other sites jumped the gun... if its not confirmed, dont report it. but hey its not that big of a deal...
also we keep saying it was a noob threat... yet it got past everybodys security so to that I say bravo nOOb. well played indeed.
11-17-2011
08:30 PM
wait, because some other site was posting it, you were "forced" to post the story?
nobody held a godam gun up to anyone of you and said post this or die. take responsiblity for your own actions. no other site fuct this one up, y'll trigger happy mods and admins are so full of sensationalism y'll don't look very hard into things and do your research until after the fact.
much like this scene to begin with is, after the fact.
like how many ps3 wankinkoko fuct up because he (and others) didn't look into things until after the fact. after it was too late.
be yourself, by yourself, stay away from me.
11-17-2011
08:34 PM
11-17-2011
08:44 PM
Originally Posted by art789 View Post
MAYBE IT WAS SONY, THEY PUT THIS OUT THERE CUZ THEY KNEW ALL THESE PS3 HAX SITES WOULD RELEASE IT AND PEIOPLE WOULD DOWNLOAD IT AND GET INFECTED AND MAYBE EVEN **** UP THEIR PS3'S. ITS A CONSPIRACY MAN!!! DONT TRUST THE GOVMENT MAN!!! THOSE GOD DAM SUMA***** MAN!!! I GOT MY TIN FOIL HAT ON , I DUNNO BOUT YALL!!!
um, if sony made it i dont think it would be such a nood virus... sure they would of compiled it better. lol
11-17-2011
08:47 PM
11-17-2011
08:47 PM
I must admit, despite how much I love this website, there literally is no excuse for this. I don't think you were forced to post the news. You aren't forced to do anything. Everybody messes up once in a while, but don't make up excuses.
11-17-2011
08:53 PM
so uh
who's going to be the guy to run these in a sandbox?
11-17-2011
08:54 PM
11-17-2011
09:11 PM
Besides what happened im a proud member of this community.
I love Hax, always loyal to their principles and supporting and keeping alive this community that lack of mediocrity and it's very sincere with the users.
Thanks to all, and thanks to Pirate for doing Magic during the Ddos and mainting the site up and Gregory for spoting the little bastard.
Cheers and good luck.
Hellsing9 Proud member of Hax
11-17-2011
09:16 PM
11-17-2011
09:29 PM
S-H-I-T Happens lets move on
11-17-2011
09:37 PM
calm doown people. like day day says - players f*** up
11-17-2011
09:40 PM
Ouch that sucks guys! Glad I didn't download anything with it in it. But everyone makes mistakes and it's good you guys caught it before it did any real damage.
Or the person who wrote it was a retard and might be stupid enough to leave a trail to them...
maybe
...
w33z3
11-17-2011
09:43 PM
if you only downloaded the zip files, but didn't extract them or even click on the exe files, do you think my computer got infected. I have Malwarebytes but no warning popup came up
11-17-2011
09:46 PM
11-17-2011
09:47 PM
ok thank you
11-17-2011
10:03 PM
can someone please explain what the hack actually was I missed the news post
11-17-2011
10:15 PM
Nothing wrong with making a mistake so long as you admit to it
11-17-2011
10:19 PM
its true, the apology is made... and I doubt much harm was done... this is still my fav site! hands down! Hax ftw
11-17-2011
10:19 PM
I'm really glad u took the time and did this for us pirate! Thanks!
11-17-2011
10:20 PM
http://pastebin.com/ikRW8PN9
11-17-2011
10:55 PM
11-17-2011
11:11 PM
i just downloaded all of it and nothing happons when i run the programs its all good and i scaned with 3 differnt programs and didnot find anything, wtf is going on
11-17-2011
11:14 PM
Thanks Pirate for your reply
11-17-2011
11:40 PM
yes me too by the way i have another console with 3.73 i will see what i can do with this files
11-17-2011
11:48 PM
Publick stunt by ..(as...e) wait for orignal stuff
11-17-2011
11:52 PM
thanks for letting us know..... i was just about to download it and see wat da heck is this but guess ill pass
11-18-2011
12:08 AM
So basically, unless you scanned it with Bitdefender or Fsecure, you are infected as those are the only two of twenty AV's that picked it up.
11-18-2011
12:17 AM
i know those are the av i used but did not find anything, i am playing arround with the files and programs i might even risk my ps3 as i have 2 of them.
11-18-2011
01:23 AM
also i think that it is awesome how [MENTION=1]Pirate[/MENTION] is keeping us updated. This is what separates this site from the rest.
11-18-2011
03:02 AM
So the files are really legit? PS3CRUNCH says to stay away from them. They even say that it's not useful. curious to know who's right here
11-18-2011
03:06 AM
11-18-2011
04:14 AM
11-18-2011
04:18 AM
Can anyone confirm that you can't exit servicemode on OFW3.73? If that's the case then this is worthless.
11-18-2011
07:45 AM
How about Linux?
Are the distros affected too?
11-18-2011
07:49 AM
the files were stolen by rootkit from sony and the employee was sakura
11-18-2011
08:47 AM
are u have svchost.exe in linux ?
11-18-2011
09:07 AM
I have mentioned the same thing a few times before and this shows how posting news without confirming anything can come back and kick you in the nuts very fast. I'm aware that internet is free from any type of censorship and that's all great but that's also the greatest flaw - everybody can "play journalist" when they feel like it.
Sensationalism isn't everything, my dear gentlemen and I believe you're aware of that. Also, saying "but everybody else posted it" is no excuse. I believe a lot of members (including myself) would prefer to read news that are a few days/weeks old BUT CONFIRMED rather than random copy/paste drama generating crap from all the other sites that are, as Gregory nicely says it "full of retards" because this doesn't make PS3Hax any different.
11-18-2011
09:09 AM
I can't thank you enough for offering a great site [MENTION=1]Pirate[/MENTION]! You're a class act. This is what makes it easy to donate.
11-18-2011
09:43 AM
You do standup comedy on the side or what?
(always got something funny to say).
************* [ - Post Merged - ] *************
For the sake of staying on topic, has lvl 1 and 0 been accessed through this new leak? Confirmation anyone? I'm just asking to make sure I didnt overlook a previous post.
11-18-2011
09:59 AM
So I'm in this guys router atm.
Trying to see what I can find 'bout the hacked files.
N00b didn't change default pass
Anon0 != anonymous, got his name :P
Some dude from Russia, got his exact address
Shall I post his facebook?
11-18-2011
11:08 AM
I have nothing against PS3Crunch, just some most of the idiots in it.
************* [ - Post Merged - ] *************
11-18-2011
11:25 AM
;D
Sent from my CyanogenMod 7 xperia x10 using tapatalk
11-18-2011
11:39 AM
[MENTION=175753]sahibunlimited[/MENTION]
His Facebook
http://on.fb.me/vgllVo
Also check this thread for more info:
http://www.ps3hax.net/showthread.php?t=30297
And
A few minutes ago
11-18-2011
08:40 PM
OOOOOOOOOOOOOhhhhhhhhhhhh.... That's why the site was down! Thanks for informing us!
11-18-2011
11:36 PM
When all sites started spreading this leak (which in fact seems to be a valid/important one) Pirate needed to make a choice. Either he would wait and let people complain that the news was spread too late, or he would post it right away trusting the common checks he did so far. People want news to be NEW, not old. And as most people would, Pirate posted it right away. Looking back at it, it is something that shouldn't have been done. But that's based on information that wasn't available yet and at least he apologized for his actions. Don't forget we all make human mistakes.
As soon as I heard about it I knew people were gonna start all over again about the validation of news. And I bet those people have more then 10 virus scanners and decompile every file they download just to be sure that the file is safe. But sadly Pirate did not. He only scanned the files using his own virus scanner and neglected to do a decompile just to be on the safe side.
[MENTION=1]Pirate[/MENTION]:
Shame on you Pirate, you should have known better and at least use 20 scanners.
[MENTION=83916]The[/MENTION] others who blame Pirate:
Shame on you blaming Pirate for a 'mistake' most of you would have made yourself. It's always easy to tell someone he does something wrong, but don't think you are perfect yourself.
I'm sorry, but think of what you are saying before you accuse somebody. Pirate made a small mistake with not so small consequence. But he apologized for his mistake. What more do you want? The older this scene is becoming the less mature it becomes. And now people start to feel out of place in this kindergarden and leave. Leaving behind nothing more then a bunch of kiddo's who worship the big egonot who only came for fame and left wen he needed to harden his words.
That saddens me.
11-19-2011
12:30 AM
Who cares, all I care is that this site is back.
I simply sh*t bricks when this continued to happen for sooo long, I really worried.
Either way it's not PSN, people DO care if this site gets attacked.
You don't need to excuse for nothing, it's not like you caused it...
Nobody had a single momment bad feelings against this site.
I may sound like a nolifer but seriously, I can sleep better when I know the site is back and running, obviously and innevitably it's a part of our life so long being here.
11-19-2011
12:36 AM
1. PS3hax was down for about nearly 2 days - not a few hours.
2. You claimed this news as exclusive, yes, those were your words.
3. Other sites don't force you to do anything. Either you're nothing but a tabloid newspaper equivalent, as you seem to be admitting, or a serious site that reports verified (at least to some degree) news.
4. A "noob trojan" took you offline for 2 days?
5. Very much appreciated that you made an explanation on the matter.
11-19-2011
12:55 AM
2. I'm not commenting on that, didn't read the original post but I'm not sure it was exclusive either.
3. The news/leak was genuine, just infected with a trojan that was hard to notice. Even the FBI has been infected by a virus in the past, don't be surprised that some viruses become unnoticed.
4. The trojan was noob since it only worked till you did a reboot.
Did you even try to read the forum before complaining here?
11-19-2011
03:06 AM
yes the site was down that long,its been nearly 3 days since it got sorted,kept getting that stupid cloudflare message crap.but the site downforeveryoneorjustforme said it was up.
11-19-2011
04:29 AM
has any of you donated to make the site stronger with better resources? so don't complain like you were paying for this...
11-19-2011
04:38 AM
All i say is welcome back =)
11-19-2011
05:05 AM
dont see a donation at the side of your name either.and lets face it,we dont need money to sort out a noob trojan.
so next time i shout **** jump on my shovel.
11-19-2011
05:37 AM
11-19-2011
06:59 AM
Also the site wasn't down for 2 days, i was on it the whole time, you can check that by looking at the time of my post, may others were also on, those that did have a problem, could access the site via proxy, if the site was down, then a proxy would have been of no use.
12-04-2011
12:55 PM
Attention
Stay on topic
12-04-2011
01:33 PM