So, where do those keys come from?

**anon** · 04.04.10, 22:06

You probably know what I'm talking about. A lot of people use certain antivirus/security suite programs that require a username and password combo (or key file, in Kaspersky's case, for example) to authenticate themselves and download updates. Those of us that can't or don't want to pay resort to Web sites written in East Asian languages that provide new login data every few days, or small applications that download the necessary information and sometimes even automatically apply it to the antivirus program's settings.

My question is... where the !"#$ do they keep on getting fresh passwords or license files in a near-daily basis!? Is someone actually paying for those, and then posting them publicly on the Internet? Do Eset or Kaspersky have an insider that adds them to the database to make them valid?

**slikrapid** · 04.04.10, 22:38

Originally Posted by anon

Do Eset or Kaspersky have an insider that adds them to the database to make them valid?

like the question: would these companies intentionally do something like that to increase their share of the market as it may reflect onto their stocks value in a beneficial way

or would antivirus companies directly or indirectly create new viruses in order to be the first ones to find an anti-virus solution to the new threat, again with multiple benefits

also, is someone monitoring who applies those specific combos?

and so on

**anon** · 04.04.10, 22:40

Originally Posted by slikrapid

like the question: would these companies intentionally do something like that to increase their share of the market as it may reflect onto their stocks value in a beneficial way

I've had a few talks about that in real life - arrived to the conclusion companies, one way or the other, appreciate the efforts of crackers and these kind of pages/programs offering serials - if NOD32 was completely uncrackable, for example, its popularity would suffer a great drop.

**cheatos** · 04.04.10, 23:15

yeah i wondered the same thing in the past,
i'm using a free anti-virus thats why i don't care for this,

but i think those keys are database dumps? hmm but i doubt that now, because its really stupid no to patch the auth servers...

OR

take for example norton av 2005, it had a keygen that worked online and can give you 1 year subscription, so i can also guess that those keys are generated randomaly or by Reverse engineering so they will match the AV's salt/hash/compare method..

**anon** · 04.04.10, 23:16

Originally Posted by cheatos

take for example norton av 2005, it had a keygen that worked online and can give you 1 year subscription, so i can also guess that those keys are generated randomaly or by Reverse engineering so they will match the AV's salt/hash/compare method..

But aren't keys/passwords checked by the login server? One would think the username+password combo needs to be present in the remote database...

**cheatos** · 04.04.10, 23:23

Originally Posted by anon

But aren't keys/passwords checked by the login server? One would think the username+password combo needs to be present in the remote database...

my bad, i forgot how the keygen worked exactly,
it worked via the telephone activation system, norton gets a key from the server then by usign the keys you was able to activate it and get a 1 year subscription.

**supermarrioh** · 04.04.10, 23:38

Most of them are crawled by Keystealer-Botnets or are fake-purchased i think.
There are huge Botnets out there with the only purpose to spread themselves and to send all serials/login data stored on the Infected PC to their host. And most of them are FUD if they are good.
The Other way to get keys i know is to purchase them with faked payment in Online-Stores.

**MrCheat** · 05.04.10, 00:40

There could be an exploit on one of the NOD32 servers or the Kaspersky servers that they are able to steal all the keys, Kaspersky especially has been hacked a few times before. There could also be an exploit that provides keys through some payment glitch. Porn sites for example get hacked so many times over and over again and people would have access to the whole user database all they had to do was decrypt it which they were able to with relative ease. Another method is by botnets and stealers. I had a friend who made a multi cd key stealer and he would sell the cd keys, saw a guy with 12,000 lines of COD4 CD Keys once also, but of course you can't be sure that they all work. I don't believe that the botnet method could provide daily fresh keys non-stop unless someone had a really good spreader.

**caballero** · 05.04.10, 01:31

It's is a topic that makes you think a lot.
I don't think the keys are leaked out or people are getting them by some means. I think as anon and slikrapid said, the codes are released by the company itself to make people use their software. Personally, I changed to Eset from Kaspersky because I was sick with the key thing. So, this method really works

**Nobody** · 05.04.10, 19:02

An exploit on the servers of a company that specializes in security seems unlikely. My guess is what supermarrioh mentioned, they're datamined from trojan botnets.

**MrCheat** · 05.04.10, 19:16

Originally Posted by Nobody

An exploit on the servers of a company that specializes in security seems unlikely. My guess is what supermarrioh mentioned, they're datamined from trojan botnets.

You would be surprised, if the Chinese can hack google is Eset a match and isn't the primary source of those Eset login info on a Chinese website?

**kelly** · 05.04.10, 19:26

I second Slik,Anon's view.

IMO,these could be perhaps be termed as 'necessary evil ' in order to provide an illusion of safe & secure browsing ,computing or whatever. According to Carl Schmidt on Neo Con theory, in order to keep the society under control, the govt or the authorities should have an ' enemy image ' . If we look from a broader perspective , this theory do fits in well in this case.

**slikrapid** · 05.04.10, 19:45

Originally Posted by kelly

in order to keep the society under control, the govt or the authorities should have an ' enemy image ' . If we look from a broader perspective , this theory do fits in well in this case.

there is also another one which implies that members of the society should be kept busy/occupied, otherwise who knows what they might think of or do with too much spare time, ie:

'idle hands are the devil's playground'

for example, they might figure out the 'enemy image' plan

**caballero** · 05.04.10, 20:49

Originally Posted by MrCheat

You would be surprised, if the Chinese can hack google is Eset a match and isn't the primary source of those Eset login info on a Chinese website?

Remember that they are likely to sponsored by the government, when a government sponsors a hacking mission anything can go down

**desodorante** · 05.04.10, 21:25

Well, I think most of you are right.
Marketshare is the key to be called the leader in any market, so there might be some companies leaking keys to increase market share, just like those win7 builds mysteriously were.
Also, there might be people hacking, sniffing or simply giving away keys, specially unhappy employees (Working in a code factory overseas is not always the best time of your life)
So I do not think there is THE answer to this question, just a bunch of little answers that create a bigger picture.
I personally think is mostly employees, which can usually access user DBs and/or have some very nice tools to make whatever they want to test the app.