Cracked copies of Microsoft Office and Adobe Photoshop steal your session cookies, browser history, crypto-coins

Cracked copies of Microsoft Office and Adobe Photoshop are stealing browser session cookies and Monero cryptocurrency wallets from tightwads who install the pirated software, Bitdefender has warned. As many Reg readers will no doubt be aware, cracked software is a legitimate application that has had its registration or …

  1. katrinab Silver badge
    Flame

    Keygens can also get flagged as malware because they are keygens. Making it difficult to tell the difference between actual malware, and software that merely harms Shantanu Narayen's private yacht fund.

    1. Anonymous Coward

      Alien invasion

      Is he an alien? He has a huge brain case.

  2. JassMan Silver badge

    Great advert for LibreOffice and Gimp

    Best part is you don't even need to install Linux first.

    1. TVU

      Re: Great advert for LibreOffice and Gimp

      "Great advert for LibreOffice and Gimp"

      ...and indeed for Paint.net and the venerable Photoshop CS2.

    2. Dave314159ggggdffsdds Silver badge

      Re: Great advert for LibreOffice and Gimp

      LibreOffice? What's the other L in LOL for?

      A legit copy of Office costs a couple of quid. How much of a cheapskate are you?

      GIMP is quite good, but most people probably don't need most of the functionality, so are better off avoiding the torturous UI and using Pixlr.com or similar.

  3. Anonymous Coward

    I would still take my chances with the lesser crooks

    1) Cracked copies let you keep your computer entirely offline. Much safer than always-online cloud nonsense.

    2) Microsoft and Adobe also steal my data. Not entirely sure what the difference is

    1. CrackedNoggin

      Re: I would still take my chances with the lesser crooks

      For a typical MS Office user the difference is persistent transparent keystroke monitoring vs anything-goes loss of control. Obviously the former is preferable because having your data encrypted is the worst.

      For others (the minority) there is no need to use MS Office, or such cloud usage can be isolated when absolutely necessary (e.g., working in collaboration with typical MS Office users online).

      I think you know that.

      1. Claptrap314 Silver badge

        Re: I would still take my chances with the lesser crooks

        Yes, but which solution provides which outcome?

        It's very, very far from clear...

    2. fidodogbreath Silver badge

      Re: I would still take my chances with the lesser crooks

      Running cracked software means trusting both the original developer and some random cracker. Not sure that's "much safer than always-online cloud nonsense." In either case you have no idea where your personal info will end up.

      And who's to say that the cracked software doesn't still send telemetry to MS / Adobe / whoever?

      1. yetanotheraoc

        Re: I would still take my chances with the lesser crooks

        "And who's to say that the cracked software doesn't still send telemetry to MS / Adobe / whoever?"

        You missed the part where he said "offline". An offline machine isn't sending telemetry to anybody. Software that only works online obviously is.

        1. Pascal Monett Silver badge

          MS Office works offline - at least, the versions before 365 did.

          You can perfectly install MS Office 2016 and then unplug your computer from the Internet. That being said, I seriously doubt anyone posting in forums has disconnected his work PC from the Internet. If you're using Office, you're not just using Excel to do your monthly bank balance.

          1. Lazlo Woodbine

            You can work offline with Office 365, simply install it locally and Bob's your uncle, you simply need to connect every once in a while to re-authorise the software.

            You don't even need to use the included terabyte of OneDrive, Office works just fine with local storage.

          2. Anonymous Coward

            From install to day to day usage, my development machine never touches the internet.

            Deterministic behavior can only come from remaining offline and I crack all software that does not allow me to do so.

            Of course I have an online VM machine called "cesspit" which I do my day to day online crap with.

            Also my banking is done quite differently than using their little website ;)

      2. karlkarl Silver badge

        Re: I would still take my chances with the lesser crooks

        "Running cracked software means trusting both the original developer and some random cracker"

        The random cracker often disables some telemetry to the upstream companies (as part of the crack). Also, don't think that you just have the original developer to worry about. For example, Microsoft Office contains a lot of middleware sending to a whole heap of 3rd parties (and advertisers). Honestly, chucking in a random cracker is of no consequence at this (already unacceptable) point.

    3. yetanotheraoc

      Re: I would still take my chances with the lesser crooks

      "Microsoft and Adobe also steal my data. Not entirely sure what the difference is"

      Came here to make the same comment.

  4. Version 1.0 Silver badge

    You're cracked if you're running cracked software

    These days all "free" software is going to make the user pay one way or another - looking at the worldwide market it would seem to be generally more profitable to sell users' location and browsing data than their crypto wallets.

    1. Joe W Silver badge

      Re: You're cracked if you're running cracked software

      I do beg to differ.

      vi is free (as in both "beer" and "speech"). I very much doubt it is harvesting any data.

      The quotation marks around "free" in your post are likely deliberate (so: sorry, I get your point, could not resist etc), and likely refer to anything G**gle or F'book (F'thagn-book?) or so. Yes, I do agree :)

      1. My other car WAS an IAV Stryker Silver badge
        Coat

        Re: You're cracked if you're running cracked software

        FnordBook.

        At least that's the sense of uneasiness and dread I get when I see what my "friends" have been posting.

      2. Version 1.0 Silver badge

        Re: You're cracked if you're running cracked software

        Sure, free software used to be written to help people do things - but these days "free" software serves the users advertisements, sells their data, and occasionally cracks their wallets if the "free" access is a result of someone hacking the registration. I've got a few free applications out there that people use but they were all written back in the old days to help people.

        If I was trying to fund their replacements today then the corporate management would be telling me to harvest user data.

    2. Pascal Monett Silver badge
      FAIL

      Re: You're cracked if you're running cracked software

      Nonsense. Cracked software has nothing to do with free software.

      Go download Notepad++ or Paint.net and tell me that they insist on getting ahold of your wallet or location.

  5. Anonymous Coward

    Open options

    Seems silly for anyone to pirate MS Office these days, as there are open source office apps that are better.

    1. Blazde Silver badge

      Re: Open options

      Sadly I've not found a spreadsheet app that will handle very large tables or complex lookup updates with nearly(*) as good performance as Excel. The only sense in which the open source options are better is that if I wanted to fix the performance issues in theory I could.

      (*) Not even within an order of magnitude in some cases.

      1. John Brown (no body) Silver badge

        Re: Open options

        On the other hand, the sort of people not prepared to pay for MSOffice are probably less likely to have the more complex use cases and compatibility issues that you might have.

      2. ridley

        Re: Open options

        "Sadly I've not found a spreadsheet app that will handle very large tables"

        Neither have the NHS

        1. Primus Secundus Tertius

          Re: Open options

          @Ridley

          The NHS was using files of type '.xls'. That was the default format before MS Office 2007, but Open Office took until about 2009 to move on. Looks like they were using ancient software, of whatever brand.

      3. John H Woods Silver badge

        Re: Open options

        Using a spreadsheet to handle "Very large tables or complex lookup updates" is, IMHO, (to paraphrase the great DNA) using almost, but not exactly, entirely the wrong tool for the job.

        1. Blazde Silver badge

          Re: Open options

          I may have misled you with the word 'Very'. We're only talking a few hundred columns (not even hitting Calc's much hated col limit) by less than a hundred thousand rows. Excel proves perfect for the job every time, and is only one step in a toolchain that probably includes whatever you're thinking is the correct tool.

          Nevertheless they prove very large from the perspective of other spreadsheet software.

    2. Martipar

      Re: Open options

      I take it you've never tried to mail merge in LibreOffice? In MS Office you can just insert a CSV file; LibreOffice requires you to convert the CSV into a database then insert it, and even then it doesn't work very well.

      I use LibreOffice for spreadsheets, presentations and opening MS Office file formats but for serious work MS Office is better. I can't think of any 'advanced' feature that's easier in LibreOffice.

      1. Anonymous Coward

        Re: I can't think of any 'advanced' feature that's easier in LibreOffice.

        I have it just to create PDF forms without Acrobat. That's the only office suite that works for this, AFAIK.

        1. Dave314159ggggdffsdds Silver badge

          Re: I can't think of any 'advanced' feature that's easier in LibreOffice.

          Office has done it for at least a decade. Either save as... PDF, or print to... PDF. Maybe only on Windows, though.

        2. WolfFan Silver badge

          Re: I can't think of any 'advanced' feature that's easier in LibreOffice.

          Hmm… on a Mac, I can do it with Pages and, I think, Keynote. As I have dumped Adobe completely, I use non-Adobe applications to do that kind of thing if the form is too annoying to do in Pages.

      2. Alan Brown Silver badge

        Re: Open options

        It's rather ironic that LibreOffice is the go-to rescue package for broken MS Office files.... :)

  6. JDPower666

    Is there something missing from this sentence cos I can't work it out:

    "This rather impressive malware may even hide in plain sight as many cracked versions of software come with protection notifications from their antivirus warning their users of the risks."

    1. John Brown (no body) Silver badge

      It seems clear to me. Cracked versions with malware built in are likely to be flagged up by your anti-malware software when you run the installer or the app itself. Some people will ignore the warning because, for some reason, they "trust" the pirated app more than the anti-malware warning flashing on the screen, hence the "in plain sight" comment.

      1. This post has been deleted by its author

  7. LDS Silver badge

    "where they can phone home to an activation server"

    Well, today the crack is exactly making them work without that.

  8. Pascal Monett Silver badge

    Ah, warez

    The good old days. The dawn of the New Information Highway, with plenty of people who wanted to show off their skills and make sure that you could run Settlers 2 or Battlefield Vietnam without needing to have the disk in the optical reader.

    Bless them. They made my gaming life easier - without depriving authors of their revenue. Yes, I still have my Settlers 2 install CD. And Battlefield Vietnam, and about 600 others. I even bought two Battlefield 2 games because I played it so much that my first game disk shattered in the player. So much for my right to a license - in a normal world, I would have sent the pieces back and got a new DVD - because I only have a license, right? My license does not expire with the death of the disk.

    So yeah, warez used to be good, until the crooks understood that they could distribute their version of a CD/DVD crack and include a nasty little package with it. It really didn't take all that long for the despicables to catch on.

    Nowadays, warez is synonymous with malware. Thankfully, games no longer need to have a bloody plastic disc in a reader. Unfortunately, they do need to phone home every few minutes.

    Progress?

    1. Martipar

      Re: Ah, warez

      The warez scene affected legit copies detrimentally though. I have a few old games that refuse to run because they detect I have a program for creating virtual drives installed. As if there isn't a legitimate reason for using a virtual drive. Luckily it's not many and it's on my XP gaming machine which is only used for LAN RTS gaming with my mate when they visit.

      1. Dave K Silver badge

        Re: Ah, warez

        Blame lazy DRM devs, not the warez scene for that though. Thankfully in most cases, it's trivial to apply a crack that both allows your virtual drive to work, and ditches the need for the optical media.

        I've applied many cracks to games I legitimately own over the years - mainly to stop me either having to dig around for the CD each time (just to prove I own the game), or to enable me to take a laptop with a few games on it when I travel.

  9. Claverhouse Silver badge
    WTF?

    Banking

    I know little of cryptocoin, but I understood one immediately moved one's booty once complete to an external drive or card for safe isolation.

    And losing the card.

  10. Anonymous Coward

    Be warez

    The title says it all really.

  11. Anonymous Coward

    aka “keygen”

    "Sometime after this, the user seems to have downloaded and installed pirated software on their machine, specifically a Microsoft Office ISO file and an illegal Microsoft Office 2013 activation tool (aka “keygen”)."

    SOURCE:

    https://usa.kaspersky.com/about/press-releases/2017_kaspersky-lab-publishes-results-of-internal-investigation-related-to-incident-with-equation-apt-source-code
