this post was submitted on 15 Jul 2023
38 points (93.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54500 readers
649 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

For the last month or two, my AV blocks their site because it detected a ScrInject.B trojan.

And yes, it's the correct site (monkrus.ws).

VirusTotal also shows 4 security vendors register it as malicious.

Are these all false positives or is monkrus's site no longer trustworthy?

you are viewing a single comment's thread
view the rest of the comments
[–] ShadowRunner@kbin.social 5 points 1 year ago (1 children)

It shows 5 if you scan w14.monkrus.ws.

And this is Quttera's analysis here:
https://quttera.com/detailed_report/w14.monkrus.ws

Whether there is a real problem or not, it might be something the monkrus admins want to look into in order to address it.

But if anyone else has a better understanding of what's going on with their site, I'd love to hear it and it's probably good information for the rest of this sub.

[–] Deletecat@lemmy.fmhy.ml 6 points 1 year ago* (last edited 1 year ago) (1 children)

r/GenP talks about the safety of monkrus in their wiki: https://www.reddit.com/r/GenP/wiki/patchmethods/

Most people who claimed they got malware from the Adobe collection repack had either downloaded it from an unofficial source, downloaded from YouTube, or downloaded other pieces of sketchy software - just so happens that a monkrus repack was the last thing they installed. Then there are others who have been using monkrus for years and haven't had issues.

In the Quttera analysis, the malicious files are from a blacklisted domain [M.BL.Domain.gen], fv20[.]failiem[.]lv - this is a file host from Latvia. The files being flagged probably aren't malicious, though if this host isn't taking down malware, it would make sense that they are blocked by some antivirus companies. Especially since Quttera isn't checking the torrents - they are uploaded to other sites.

All in all, if you have any doubts, don't install it. Check out GenP instead of you don't really trust monkrus!

[–] ArcaneSlime@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Wait how do you get a virus downloading from youtube, using some sketchy youtube download site? Yt-dlp is good right?

[–] Deletecat@lemmy.fmhy.ml 1 points 1 year ago (1 children)

I probably should have specified - downloading cracked software from a YouTube video. Downloading videos from YouTube is fine with tools like yt-dlp.

[–] ArcaneSlime@lemmy.dbzer0.com 0 points 1 year ago

Whew scared me lol. Thanks!