Proxygate malware

So I knew a file was infected and I decided to run it to see what was going to happen. It appeared it was infected with Proxygate, so I let it run a few days, once again to see what happens.

So now I've infected the system quite a bit with this malware but I don't see any symptoms at all. I decided to log in to Facebook (knowing it could screw me) and it said a suspicious login was encountered and my payments have been blocked (don't really use them anyway).

 

So my question is, what is the purpose of this malware xD I haven't seen malware in like 10 years rofl. When I browse it says it's adware, but then again why would adware try to keylog Facebook?

Anything I'm missing on this malware? Or is the Trojan.Graftor the logger it installed with it?

 

Total infection =

PUP.OPTIONAL.GOLDCLICK

PUP.OPTIONAL.PROXYGATE.PRXYSVRRST

TROJAN.GRAFTOR

Also when I try to quarantine it with Malwarebytes they automatically try to remove the checks (kinda funny lol).

 

I basically infected my system on purpose to see what happens since I haven't seen anything for a while.

Going to wipe it, turning off my RAID 0 and reformatting them as single drives + putting it back to RAID 0 just to make sure, over a format :D

Dunno if it helps anyone posting this, but at least this is what the Proxygate malware gave me :)

(◑‿◐)


A PUP can be an unsigned certificate or driver and not "real" malware; the thing about a PUP is that you will not know what it does unless you monitor log files of the network and registry.

Now why the hell would you launch it? I hope you did so on a test PC where you try to be self-taught about the topic, because if you didn't and I were you, I would not go for an IQ test because it may become trending as one of a new species.

A water-cooled mid-tier gaming PC.


2 minutes ago, Leonard said:

A PUP can be an unsigned certificate or driver and not "real" malware; the thing about a PUP is that you will not know what it does unless you monitor log files of the network and registry.

Now why the hell would you launch it? I hope you did so on a test PC where you try to be self-taught about the topic, because if you didn't and I were you, I would not go for an IQ test because it may become trending as one of a new species.

I am going to reallocate my RAID array, thus format it twice and install a new OS anyway :D that's why haha, just curious because why not ^^ haven't seen a virus on my rig for at least 10 years :o


Proxygate itself isn't "malware". It's considered unwanted because it pushes all your network traffic over a proxy that is likely unsecured or monitored by unwanted eyes, which leaves everything you do on the internet open to spies.

  • CPU
    Intel Core i7-7820X @ 4.2GHz
  • Motherboard
    Asus Prime X299 Deluxe
  • RAM
    32GB G.Skill TridentZ RGB DDR4
  • GPU
    GTX 1080Ti FE
  • Case
    Phanteks Enthoo Evolv ATX
  • Storage
    500GB 960 Pro SSD, 240GB PNY SATA SSD, 3TB WD Red NAS
  • PSU
    Corsair RMx Series, RM850x
  • Display(s)
    3x 1080p Garbage
  • Cooling
    Fully Custom EK :D
  • Keyboard
    Razer BlackWidow Chroma "Clicky"
  • Mouse
    Razer Super Mega Black Mamba of Death 9000DPI
  • Sound
    Logitech Something with a broken bass adjustment knob so it's always rupturing spleens
  • Operating System
    NSA-Approved version of Windows 10 Pro

 


2 minutes ago, BWLServers said:

Proxygate itself isn't "malware". It's considered unwanted because it pushes all your network traffic over a proxy that is likely unsecured or monitored by unwanted eyes, which leaves everything you do on the internet open to spies.

What about the suspicious Facebook login though? These are the only detections I've had :o

Facebook was logged in to from 4 different locations; I only logged in from 1 xD


Just now, Valkyrie Lenneth said:

What about the suspicious Facebook login though? These are the only detections I've had :o

As I said, your network traffic is being sent through a third party and likely instantly stolen.

The reason for the notification is that your network traffic is appearing *different* to Facebook's login servers due to the proxy.

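The two replies above make the same point from the defender's side: an unwanted proxy program rewrites the user's system-wide proxy settings, so every request egresses from the proxy operator's host, which is also why a login server suddenly sees the account arriving from unfamiliar locations. The quickest check for that on Windows is the per-user WinINET proxy configuration that browsers and most applications read. The following audit script is an added example written for this thread, not something posted by anyone in it: the registry key and value names (`ProxyEnable`, `ProxyServer`, `AutoConfigURL` under `HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings`) are the real WinINET settings, the sample values and the severity scheme are constructed, and `read_live_settings()` only reads the real registry when run on Windows.

```python
"""Audit a Windows user's WinINET proxy settings for a system-wide proxy.

Added example for this thread. The registry value names are the real WinINET
settings under HKCU; the sample values and the severity labels are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

INET_SETTINGS_KEY = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"

# Ranges where a proxy is plausibly the user's own (local tool, LAN, VPN box).
# Deliberately not ipaddress.is_private, which also covers documentation ranges.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]


@dataclass
class Finding:
    severity: str   # "high", "medium" or "info" (constructed scheme)
    detail: str


def parse_proxy_server(value: str) -> dict:
    """ProxyServer is either 'host:port' (used for all protocols) or a
    per-scheme list 'http=host:port;https=host:port;socks=host:port'."""
    value = value.strip()
    if not value:
        return {}
    if "=" not in value:
        return {"all": value}
    result = {}
    for part in value.split(";"):
        scheme, sep, endpoint = part.partition("=")
        if sep and endpoint.strip():
            result[scheme.strip().lower()] = endpoint.strip()
    return result


def host_of(endpoint: str) -> str:
    """Strip optional scheme, port and path: 'http://1.2.3.4:8080/x' -> '1.2.3.4'."""
    if "://" in endpoint:
        endpoint = endpoint.split("://", 1)[1]
    endpoint = endpoint.split("/", 1)[0]
    if endpoint.startswith("["):              # bracketed IPv6 literal
        return endpoint[1:endpoint.find("]")]
    host, sep, port = endpoint.rpartition(":")
    return host if sep and port.isdigit() else endpoint


def is_local_host(host: str) -> bool:
    """True for localhost, loopback, RFC 1918 and link-local addresses."""
    if host.lower() == "localhost":
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False                          # DNS name: cannot judge offline, treat as remote
    return any(ip in net for net in LOCAL_NETS)


def audit_proxy_settings(values: dict) -> list:
    """Return findings for one set of WinINET values (as read from the registry)."""
    findings = []
    if int(values.get("ProxyEnable") or 0) == 1:
        for scheme, endpoint in parse_proxy_server(values.get("ProxyServer") or "").items():
            if is_local_host(host_of(endpoint)):
                findings.append(Finding("info", f"{scheme} proxied via local endpoint {endpoint}"))
            else:
                findings.append(Finding("high", f"{scheme} traffic leaves via remote proxy {endpoint}"))
    pac = (values.get("AutoConfigURL") or "").strip()
    if pac:
        remote = not is_local_host(host_of(pac))
        if remote and pac.lower().startswith("http://"):
            findings.append(Finding("high", f"cleartext PAC script from remote host: {pac}"))
        elif remote:
            findings.append(Finding("medium", f"PAC script fetched from remote host: {pac}"))
        else:
            findings.append(Finding("info", f"PAC script from local host: {pac}"))
    return findings


def read_live_settings() -> Optional[dict]:
    """On Windows, read the current user's values via winreg; None elsewhere."""
    try:
        import winreg
    except ImportError:
        return None
    values = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, INET_SETTINGS_KEY) as key:
        for name in ("ProxyEnable", "ProxyServer", "AutoConfigURL"):
            try:
                values[name], _ = winreg.QueryValueEx(key, name)
            except FileNotFoundError:
                pass                          # absent value simply means "not set"
    return values


# Constructed samples: a clean profile, and one rewritten to send everything
# through a remote host (203.0.113.10 is a documentation address, not a real proxy).
CLEAN_SAMPLE = {"ProxyEnable": 0, "ProxyServer": "", "AutoConfigURL": ""}
SUSPECT_SAMPLE = {
    "ProxyEnable": 1,
    "ProxyServer": "http=203.0.113.10:8080;https=203.0.113.10:8080",
    "AutoConfigURL": "http://203.0.113.10/proxy.pac",
}

if __name__ == "__main__":
    for label, vals in (("clean sample", CLEAN_SAMPLE), ("suspect sample", SUSPECT_SAMPLE),
                        ("this machine", read_live_settings())):
        if vals is None:
            continue
        print(f"== {label}")
        for f in audit_proxy_settings(vals) or [Finding("info", "no proxy configured")]:
            print(f"  [{f.severity}] {f.detail}")
```

A remote proxy endpoint or a PAC script pulled over cleartext HTTP from an outside host is the configuration worth investigating; a local endpoint is usually a debugging tool or a corporate agent the user knows about. Machine-wide policy (the same key under HKLM, or WinHTTP settings) is read by some services rather than the user key, so a full review covers those as well.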

3 minutes ago, BWLServers said:

As I said, your network traffic is being sent through a third party and likely instantly stolen.

The reason for the notification is that your network traffic is appearing *different* to Facebook's login servers due to the proxy.

The thing is I never installed something even close to Proxygate software, all I ran was an infected file ;o


Just now, Valkyrie Lenneth said:

The thing is I never installed something even close to Proxygate software, all I ran was an infected file ;o

...which installed Proxygate.


3 minutes ago, BWLServers said:

...which installed Proxygate.

I honestly don't see the purpose of it for the malware, what it is trying to do, I expected more fun like OS takeover and whatnot :c


1 minute ago, Valkyrie Lenneth said:

I am going to reallocate my RAID array, thus format it twice and install a new OS anyway :D that's why haha, just curious because why not ^^ haven't seen a virus on my rig for at least 10 years :o

Well, because you are not sure what it was you should NOT have run it, because you don't know what it will do. If, say, it was malware, it could have installed a backdoor in, say, the firmware of the MOBO or hard disks <---- just two examples of what can happen. Formatting does not always get rid of malware.

This could also be just an unsigned driver. If you used Avast then I would surely feel it is a false positive; if you used Windows Defender/Norton/McAfee I would be surprised they even found something.

 

I would run Malwarebytes and make sure it is not a big issue.


3 minutes ago, Valkyrie Lenneth said:

The thing is I never installed something even close to Proxygate software, all I ran was an infected file ;o

By running the infected file you actually did install something, even though it was unknown to you that you did or were going to do so.

Remember, skip the IQ test xD


4 minutes ago, Leonard said:

By running the infected file you actually did install something, even though it was unknown to you that you did or were going to do so.

Remember, skip the IQ test xD

Nah, just not scared of malware at all, can always killdisk and flash firmware if it goes that far xD lol, and with the executable bit these days it shouldn't be too much of a concern of malware trying to do anything to your mobo :P, most of them are just stupid adware and bullshit that doesn't do crap :D

It's not like putting a USB killer into your mobo xD


1 minute ago, Valkyrie Lenneth said:

Nah, just not scared of malware at all, can always killdisk and flash firmware if it goes that far xD lol, and with the executable bit these days it shouldn't be too much of a concern of malware trying to do anything to your mobo :P, most of them are just stupid adware and bullshit that doesn't do crap :D

xD Please, please use another topic to try out your comedy skills. Dude, malware of today is so messed up that if you feel you can just flash a firmware or killdisk something you are out of touch as to the present-day malware scope, and if you doubt me just look up the Equifax hack.


3 minutes ago, Valkyrie Lenneth said:

Nah, just not scared of malware at all, can always killdisk and flash firmware if it goes that far xD lol, and with the executable bit these days it shouldn't be too much of a concern of malware trying to do anything to your mobo :P, most of them are just stupid adware and bullshit that doesn't do crap :D

It's not like putting a USB killer into your mobo xD

The purpose of malware nowadays isn't to take over your computer. In fact, its number 1 goal is to remain as undetectable as possible. A lot of modern malware is fileless and won't be found by typical AV scans. The point of installing Proxygate is to steal your information (assuming it's illegitimate software, which it appears to be).


Infecting a device that isn't 100% dedicated to safe malware testing, like a VM, is a very bad idea.


If that machine had any stored logins or financial information on it, I suggest changing passwords and monitoring accounts.


3 minutes ago, Leonard said:

xD Please, please use another topic to try out your comedy skills. Dude, malware of today is so messed up that if you feel you can just flash a firmware or killdisk something you are out of touch as to the present-day malware scope, and if you doubt me just look up the Equifax hack.

xD that stuff gets me interested in trying on an old rig haha

2 minutes ago, BWLServers said:

Infecting a device that isn't 100% dedicated to safe malware testing, like a VM, is a very bad idea.

But if you'd do it the dedicated way you'd be blocking stuff it could do :o

 

2 minutes ago, BWLServers said:

If that machine had any stored logins or financial information on it, I suggest changing passwords and monitoring accounts.

Ahh, I used some bait accounts for it


Just now, Valkyrie Lenneth said:

xD that stuff gets me interested in trying on an old rig haha

But if you'd do it the dedicated way you'd be blocking stuff it could do :o

Ahh, I used some bait accounts for it

It's fun to mess around with malware in a sterile virtual environment. Don't do it on your personal rig for giggles. It's playing with fire and very dangerous. It doesn't just steal logins that you type after the malware is installed. It will search through your browsers and Windows password history and steal that information as well. As I said, if you have *ever* used that OS in the past for financials or anything with a password, I suggest changing them.


3 minutes ago, BWLServers said:

It's fun to mess around with malware in a sterile virtual environment. Don't do it on your personal rig for giggles. It's playing with fire and very dangerous. It doesn't just steal logins that you type after the malware is installed. It will search through your browsers and Windows password history and steal that information as well. As I said, if you have *ever* used that OS in the past for financials or anything with a password, I suggest changing them.

Ah yeah, everything I had in the past will be changed anyway :) I was all prepared for that tbh, I just couldn't be bothered setting up a VM :v (kinda wanted to see the real thing too rofl) but yeah nothing of what I expected happened :v I thought it was gonna be a bad one, take over my OS > send porn videos etc lol (that's the last time I ever had malware, like 10-15 yr ago xD)


1 minute ago, Valkyrie Lenneth said:

xD that stuff gets me interested in trying on an old rig haha

 

All hackers, black/white hat, use a separate system that they have isolated to test/audit malware, and you do so with false accounts too for online services such as FB/YT/Twitter etc. You never use your personal system or network; only the inexperienced (noob) would do that.

Do you know they inject malware into .jpeg and .gif files as well? By the time you clicked on it the malware runs and you may not even know.


2 minutes ago, Leonard said:

All hackers, black/white hat, use a separate system that they have isolated to test/audit malware, and you do so with false accounts too for online services such as FB/YT/Twitter etc. You never use your personal system or network; only the inexperienced (noob) would do that.

Do you know they inject malware into .jpeg and .gif files as well? By the time you clicked on it the malware runs and you may not even know.

Yeah I know, I'm not dumb, just crazy :v I like to play with fire irl too (actual fire lmao)

tbh I'm gonna go format this shit and kill the RAID array :D it's killed Malwarebytes now haha


Just now, Valkyrie Lenneth said:

Yeah I know, I'm not dumb, just crazy :v I like to play with fire irl too (actual fire lmao)

tbh I'm gonna go format this shit and kill the RAID array :D it's killed Malwarebytes now haha

"Actual fire," huh? Well, maybe you can post a video of when the fire catches your clothes for our amusement and we could all yell....

 


Just now, Leonard said:

"Actual fire," huh? Well, maybe you can post a video of when the fire catches your clothes for our amusement and we could all yell....

 

I'm a pyromancer and actually signed up for the firefighters :D I'm on the waiting list sadly though :c


Beware: viruses and malware, if made correctly, can actually survive formats. You wanting to have fun could have serious problems. Now you have trafficking data available on the internet from the makers of the malware. If you're going to do something like this I'd suggest an old system with a new drive and NOT connecting your internet. I use a whole isolated system with a VM on a Tor-connected network. Use cheap drives to destroy them, because depending on your knowledge of the virus and metadata you could screw yourself over.

Corsair 4000D RGB

Asus B550 Tuf Gaming II

Asus 7700XT Tuf Gaming

AMD 5600x3d

32gb 3200mhz gskil 

 
