Report on Qihoo and Data Security

Status
Not open for further replies.

Xtwillight

Level 6
Thread author
Verified
Well-known
Jul 1, 2014
297
The following reports have been published on Qihoo and data security.
What is your opinion?

("fighting with Hofuna Ko publicly accused Internet security software company Qihoo 360 security products to steal the user privacy. This caused Internet users and experts generally pay close attention to.
After the Analysys International organized network security forum, security expert Li Tiejun gives the so-called " 360 compasses collect and resulted in at least 1410000 user privacy compromised " evidence, these leaked information contains a large number of Taobao customer orders and contact way, individual account and password, the enterprise network records and financial data, and government classified information.
source:http://www.4000076788.com/en/news.asp?newsid=182 ")

( "Finish the initial installation of 360 Secure Browser v5.0.8.7 and operate it, and
we can see the expansion use of 360 default installation (Figure 2) in “360 Expansion
Center” and “My Expansion”. According to the description of public letter of @独立
调查员, the expansion applications installed in %AppData%\360se\Apps of Windows
XP System, backup AppsLocal.ver file under this path, in accordance with the file
name and contents, we can infer that the type of the expansion, version and the
download address of the corresponding server for this file is the browser of the local
users,
Delete all the extended application in “My Expansion”, reopen the AppsLocal.ver
file, there is only configuration information about ExtSmartWiz.dll (Figure 3),
compare with the backup of AppsLocal.ver, we find that ExtSmartWiz.dll is not the
expansion application of 360 Secure Browser.. "

source:http://www.valleytalk.org/wp-content/up ... r-v1.4.pdf ")

“Daily Economic News” reporter in the the Shenzhen mangrove independent investigators conducted a live demonstration. He specially 360 security browser installed on their own computers, and open network communications monitoring tools, you can see 360 security browser in their computer after the stage like a worker bee, always kept busy.(
Then, independent investigators to open IE, Tencent, cheetah, chrome browser, a browser is very quiet, no action.
Through the back door, 360 browser can monitor user computer operating process to 360 cloud security center making the request, the 360 cloud backdoor service system, upon request, given the appropriate DLL that windows executable program library. This DLL by the the 360 browser back door directly into the user’s windows system.
At this point, the DLL exceedingly amazing, it even has control of the browser from user windows system can do things, including but not limited to:
Get the user’s files and upload to the cloud;
Read and write, add and delete user files;
Monitor user communications;
Change windows system registry, or important to set parameters;
Quietly uninstall the competitors’ products, and so on.
The same time, the DLL can also be through the back door, directly on the Internet issued a directive, including, but not limited to: Mitbbs.com

In his opinion, the 360 that the back door every five minutes to find 360 server to download a DLL and loaded for execution, but it is a back door, hidden first, so the DLL in any case does not show up, there is no pop-up dialogue window or message box therefore need to give it to simulate a test environment.
“Erected in the local DNS service, hijacked 360.cn the DNS to my machine disguised as a 360 server, then that injection browser DLL I freely control it?” Independent investigators by knitting DLL one as long as it is loaded for execution as soon as a pop-up message box, to take write your own DLL injection to 360 browser, 360 browser backdoor mechanism which allows running fully visible.
In this way, the browser really as expected, independent investigators wrote in a DLL inside the message box to pop.
“Captured alive!” From October 29 last year, the open letter to the November 5 reverse engineering analysis, before and after only six days (only in his spare time).
A minor detail, independent investigators in order to allow more users to know 360 hidden backdoor facts, but also the results of its investigation by 65 minutes of uninterrupted video full webcast. To ensure that the video content is truly 65 minutes of uninterrupted, splicing, In fact, he spent more than four hours again and again realistic demo until disposable completed, has truly accomplish this forensic work."
source:http://tvcric.com/2013/02/26/360-black- ... at-secret/")
 
Last edited:

Cch123

Level 7
Verified
May 6, 2014
335
I think to confirm if there is indeed a backdoor you need researchers who are not from China to verify. In China, there is a cut throat competition amoung the various Av vendors and technological companies. They have been known to run smear campaigns with sometimes false info against each other.
 

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
I think to confirm if there is indeed a backdoor you need researchers who are not from China to verify. In China, there is a cut throat competition amoung the various Av vendors and technological companies. They have been known to run smear campaigns with sometimes false info against each other.

Exactly.....
 

tapoo

Level 4
Verified
Jan 21, 2012
639
^^
A free antivirus that does much better than some other paid services out there
And that too with 2 top antivirus engine, they must be paying as charges to Bitdefender + Avira. They are surely not let Qihoo use their hard worked databases for Free. But they do not have any income, at least from this field. How are they managing it? I know, they have some other businesses, but it quite strange. Same thing here about Baidu.

Another thing.......
You may have heard about some of the good antivirus softwares from India, those are not one of the best, but works OK.
Example: K7 , QuickHeal, eScan.... First two uses their own engine, and eScan use Bitdefender engine. None of them have even a free version, but those antivirus have market in India, and abroad . Their company is running quite OK.
Even top names like Emsisoft, Malwarebytes, Comodo, Kaspersky, Avast, AVG, Avira, Bitdefender, Panda, G-data etc ..... [ long list] everyone, at least has a Paid version except Baidu/QiHoo....

In Every country's antivirus market, there is tough competition, but that doesn't mean that every company suddenly started offering other softwares free of cost.

BTW, this thing already discussed lots of time here, so everybody know that.

I am not against them. But I feel it is quite strange. May be i am getting over-suspicious.
.
 
Last edited:
  • Like
Reactions: GabiCRX and MikeV

Razor555

Level 5
Verified
Sep 15, 2014
246
^^

And that too with 2 top antivirus engine, they must be paying as charges to Bitdefender + Avira. They are surely not let Qihoo use their hard worked databases for Free. But they do not have any income, at least from this field. How are they managing it? I know, they have some other businesses, but it quite strange. Same thing here about Baidu.

Another thing.......
You may have heard about some of the good antivirus softwares from India, those are not one of the best, but works OK.
Example: K7 , QuickHeal, eScan.... First two uses their own engine, and eScan use Bitdefender engine. None of them have even a free version, but those antivirus have market in India, and abroad . Their company is running quite OK.
Even top names like Emsisoft, Malwarebytes, Comodo, Kaspersky, Avast, AVG, Avira, Bitdefender, Panda, G-data etc ..... [ long list] everyone, at least has a Paid version except Baidu/QiHoo....

In Every country's antivirus market, there is tough competition, but that doesn't mean that every company suddenly started offering other softwares free of cost.

BTW, this thing already discussed lots of time here, so everybody know that, i think....


I said its free for the users, they have their own ways to make their income and usually its at the cost of your own privacy. You didn't have to write all that as i do know a few things about how this stuff works. Qihoo always believed that their antivirus software should be free for the users. They are just attacking them because they are jealous of their successful business model where nobody thought it would be possible. Now Qihoo is also expanding globally and they hate it that's why. ;)
 
  • Like
Reactions: silversurfer
Y

yigido

You can opt-out the "Join 360 Cloud Program" into its settings.
an avast fanboy said congrats to qihoo users. Yes congrats to qihoo users because qihoo is better than avast on privacy matter.
Come on fanboys. I am already in my shelter.
 
  • Like
Reactions: Manzai and Razor555

tapoo

Level 4
Verified
Jan 21, 2012
639
@ Yigido
are you targeting me ? i am not fanboy of any specific software....
 
  • Like
Reactions: Kent

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
I really can't believe this is coming up again. But for those not familiar with this issue, a few Fun Facts:

1). Note that the original article was from February 2013.
2). Note that the source was anonymous.
3). Note that the story pertained to the Qihoo browser,
4). Note that this browser was for use in China only (at the time, they were just developing the browser and didn't have an English version), and was for a previous build form mid-2012 and not available in 2013.
5). Note that this browser had Cloud Security built-in, including a web filter for malicious sites.
6). Note that the findings in the original paper were NEVER confirmed by anyone else.
7). Note at the time Baidu had over 90% of the Chinese search market, whereas Qihoo was just getting into it aggressively (hint, hint).
8). Note that there is a current libel case against the original publisher, National Business Daily. in Xuhui District People’s Court.
 
Y

yigido

I really can't believe this is coming up again. But for those not familiar with this issue, a few Fun Facts:

1). Note that the original article was from February 2013.
2). Note that the source was anonymous.
3). Note that the story pertained to the Qihoo browser,
4). Note that this browser was for use in China only (at the time, they were just developing the browser and didn't have an English version), and was for a previous build form mid-2012 and not available in 2013.
5). Note that this browser had Cloud Security built-in, including a web filter for malicious sites.
6). Note that the findings in the original paper were NEVER confirmed by anyone else.
7). Note at the time Baidu had over 90% of the Chinese search market, whereas Qihoo was just getting into it aggressively (hint, hint).
8). Note that there is a current libel case against the original publisher, National Business Daily. in Xuhui District People’s Court.
You are right! and I just want to say, you deserve the staff member title more than few other staff
 
  • Like
Reactions: MobilePCTech

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
^^

And that too with 2 top antivirus engine, they must be paying as charges to Bitdefender + Avira. They are surely not let Qihoo use their hard worked databases for Free. But they do not have any income, at least from this field. How are they managing it? I know, they have some other businesses, but it quite strange. Same thing here about Baidu.

BitDefender SDK is free and do they have to pay for using virus definitions? You can download the definitions for free right?....I don't think they are paying for it.
 
  • Like
Reactions: frogboy and Kent

Chippel

Level 1
Verified
Jan 28, 2013
40
So if you disable the "join 360 security program" and "do not upload unknown files" does that mean they don't collect any documents and files from your computer?
 
  • Like
Reactions: Kent and MisterToto

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
So if you disable the "join 360 security program" and "do not upload unknown files" does that mean they don't collect any documents and files from your computer?

Qihoo also uses a cloud scan engine, which is present in all antiviruses these days.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top