ET Fake ETLegacy Installer


Buckwild

31 minutes ago, Buckwild said:

I've been informed that there is an ETLegacy installer on the Web with a virus.

Only download from: https://www.etlegacy.com/

 

Not 100% true, always. As the saying goes, always download from a reputable source.

 

We normally link the download back to the original source, but not all websites do that. So what happens is the counter gets broken and stats don't get generated correctly. So what folks spread is that other sources CAN have a virus, to caution users.

 

I take it with a grain of salt. Always do your due diligence.


1 hour ago, daredevil said:

We normally link the download back to the original source, but not all websites do that. So what happens is the counter gets broken and stats don't get generated correctly. So what folks spread is that other sources CAN have a virus, to caution users.

 

True this!

 

2 hours ago, Buckwild said:

I've been informed that there is an ETLegacy installer on the Web with a virus.

 

 

Example with one of the binaries spread on the first page of Google:

 

[Screenshot]

 

 

Always (and only) download from the source (or a very very very trusted website ... like FA 😛 )

 

 

Edited by GHARIB

You guys and ladies, don't forget that there are fake ET downloads out there too, ppl have way too much free time lol


This happened to me with the real Legacy exe. I had to add an exemption through Windows Security and also remove it from quarantine.


  • 2 months later...

And to clarify something, they are not "FAKE" installers (as said in the title), but the real installer (the original one) with a malicious payload (injected code).

It will install the real ETLegacy, but also malicious code.

 

In the following examples (for educational purposes only), which I have "home made" for my own research in my labs, it would give total control of the computer remotely (and when I say total control, it means even more than the computer owner himself 😄 ).

Of course, you will not find any details here about the "how to".

 

This first one is "noisy" and detected by most security vendors:

 

[Screenshot]

 

 

This second one is more sneaky, and almost not detected:

 

 

[Screenshot]

 

 

And of course, malware can be hidden even more; I have voluntarily made them noisy for the example :=)

 

To make it simple, your computer will leak everything you are doing, all your files, passwords, everything you type; even your webcam and microphone could be activated remotely!

 

So always check from where you download your files.

 

You can still check that a file doesn't have any payload and is the original one by comparing the checksums:

[Screenshot]

 

Compare with the hash of the file you have:

 

- On Windows (Command Prompt):

certutil -hashfile etlegacy-v2.80.2-x86.exe MD5

 

- On Linux (I have taken the Windows file for the example):

└─$ md5sum etlegacy-v2.80.2-x86.exe
21117c6dce84ff1d14b92287d6bc05ca  etlegacy-v2.80.2-x86.exe

 

Or online here: https://www.virustotal.com/

[Screenshot]

 

 

 

If it is different -> 🤢🤢🤢

 

So, once again, always (and only) download from the source (or a trusted website).

 

 

Edited by GHARIB
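
The checksum comparison described in the post above, as an added Python example (not part of the original post or of the ETLegacy project): it goes beyond the single MD5 shown by reading an md5sum/sha256sum-style list and choosing the algorithm from the digest length. The names `verify_download`, `parse_checksum_list`, `file_digest` and the sample file are hypothetical and constructed for illustration.

```python
import hashlib
import os
import re
import tempfile

ALGO_BY_HEX_LEN = {32: "md5", 64: "sha256"}  # hex digest length -> algorithm
LINE_RE = re.compile(r"^([0-9a-fA-F]+)\s+\*?(.+)$")  # "<hex>  <file name>"

def file_digest(path, algo, chunk_size=1 << 20):
    """Hash the file in chunks so a large installer is never fully in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def parse_checksum_list(text):
    """Parse md5sum-style lines into {file name: lowercase hex digest}."""
    published = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and len(m.group(1)) in ALGO_BY_HEX_LEN:
            published[m.group(2)] = m.group(1).lower()
    return published

def verify_download(path, checksum_text):
    """Return (ok, detail) for path checked against the published list."""
    expected = parse_checksum_list(checksum_text).get(os.path.basename(path))
    if expected is None:
        return False, "no published checksum for this file name"
    algo = ALGO_BY_HEX_LEN[len(expected)]
    actual = file_digest(path, algo)
    return actual == expected, f"{algo} expected {expected} got {actual}"

def demo():
    """Constructed sample: a stand-in file, then the same file with extra bytes."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample-installer.exe")
        with open(path, "wb") as f:
            f.write(b"constructed installer bytes")
        listing = f"{file_digest(path, 'sha256')}  sample-installer.exe\n"
        clean = verify_download(path, listing)[0]
        with open(path, "ab") as f:
            f.write(b"appended bytes")  # any change alters the digest
        altered = verify_download(path, listing)[0]
    return clean, altered

if __name__ == "__main__":
    print(demo())
```

Take the published checksum list from the official site, not from the page that served the installer. MD5 catches accidental or crude changes but has practical collisions, so use the SHA-256 value when the publisher offers one.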

  • 2 months later...

I've been using the same couple of installers for each version of ET my entire ET career. Store them on a separate drive and reuse for all reformats or new builds.  Think I still have the original  install and 2.6b files on a CD that the guy who got me into ET gave me.

 

This reminded me of all the newer titles using anticheat software requiring kernel level access.  Yes it works well for detection but game developers aren't always overly concerned with your security, only stopping hackers in their games.  They end up creating something that will stop a lot of cheat software but at the expense of giving people a way of gaining complete access to your system.

Edited by Haruhi Suzumiya

16 minutes ago, MaTt0 said:

So is the etlegacy from the original website sketchy? Should I uninstall it and run vanilla?

 

You are good to use the original as of right now as I post this.  If you wait 10 minutes I cannot be held responsible.
