What part of it is malicious?
-
What part of it is malicious? From what I understood, it is a illegal music downloading platform, and they say it opens its users to "plegal action".
Are we calling pirating-enabling software malicious now? Because pirating is ilegal?
-
System shared this topic on
-
What part of it is malicious? From what I understood, it is a illegal music downloading platform, and they say it opens its users to "plegal action".
Are we calling pirating-enabling software malicious now? Because pirating is ilegal?
I assume the malicious part is that it phones home without permission, likely tracking users without their consent or informing them.
-
What part of it is malicious? From what I understood, it is a illegal music downloading platform, and they say it opens its users to "plegal action".
Are we calling pirating-enabling software malicious now? Because pirating is ilegal?
I agree the article isn't super clear. Reading it twice, it seems that the user credentials are exfiltrated to the C2 server (only the screenshot implies it), which definitely would be malicious.
Also a possible interpretation could be that the package advertised "just" some automations (e.g. export playlists to m3u?) and getting music metadata, whereas it was actually downloading musics locally unbeknownst to the user. Then exfiltrating the music back to the C2 server, effectively using the package's users to mass pirate musics without exposing the pirates directly. That would indeed be malicious, especially if the package did not advertise any content downloading.
But for the last paragraph I'm extrapolating on the few info this article gives without making much sense..
-
I agree the article isn't super clear. Reading it twice, it seems that the user credentials are exfiltrated to the C2 server (only the screenshot implies it), which definitely would be malicious.
Also a possible interpretation could be that the package advertised "just" some automations (e.g. export playlists to m3u?) and getting music metadata, whereas it was actually downloading musics locally unbeknownst to the user. Then exfiltrating the music back to the C2 server, effectively using the package's users to mass pirate musics without exposing the pirates directly. That would indeed be malicious, especially if the package did not advertise any content downloading.
But for the last paragraph I'm extrapolating on the few info this article gives without making much sense..
I see, makes sense, so the problem is that the user tokens are collected without knowledge and could be used for pirating
-
System shared this topic on