Crack = Virus?

People are often too much worried about legal side of using cracks that they're completely ignoring another one which is just as important and that is the fact that most crack downloading websites are actually a disguised lairs of viruses and other maleware targeting for inexperienced users and the ones too lazy to have their antivirus scan files :)

Most of the time you get what you searched for, but even more often the files you get are trojans or come with a whole bunch of other files which pose a great threat to your PC. This fact made me do some research. So i spent about an hour downloading cracks for basically any software i could think of. Results were quite shocking. My bitdefender would find a trojan or a virus in virtually every executable (you most likely won't get a worm that way because it's not their way of spreading).

Take a look at this picture
In this particular case it is a crack for "Need for speed: most wanted". Now what do you think which one of these files is an actual crack? Is it crack.exe? Perhaps patch.exe? The answer is no. Neither of these files is a crack, and this is a perfect example of social engineering as an inexperienced user would just take crack.exe as a logical answer and simly ingnore the others. If this is the case then why are all other files present, i mean you may think that crack.exe alone is enough to do the job. Is it really? What if a user expects some crack that patches a program executable, in that case it would contain a word "patch" in its name, or what if user actually expects the keygen? Now you're begining to see the picture do you? A malicious user who packed these files didn't actually knew what software user wants to crack so he compiled the package to be all-in-one solution, you have patch, crack, keygen, install, and even that neat runme.bat that will do all the job for you. How convenient :D

Don't fall for that, always check the executable file size (they should be similar in size, but there are exceptions to this rule), and if you see more executable files in one package BE VERY CAREFUL, also if the files you downloaded have that default application icon avoid them because in 9/10 cases they are up to no good.

Also bear in mind that because of the way some cracks work, your antivirus might identify them as a trojans. Unfortunately it's very difficult to tell the difference between real trojans and crack because most trojans actually do what user expects them to do, but com with a hidden payload also.

General guidlines:

• crack is in 99% of cases named exactly like original executable
• crack and original executable are often similar in size
• cracks usually come with .nfo file witch is basically a text file written by some group who cracked the app
• there can also be a small executable witch is a demo made by group who cracked the software
• keygens are usually very small in size (10-100kb but there are exceptions)

DISCLAIMER: i'm not supporter of cracked software, but i'm not supporter of maleware either; and that made me write this post ;)