3

Would be correct to avoid crack/keygen software because of the risk of malware, even if an updated antivirus doesn't detect anything? (ignoring all legal problems involved)

Jader Dias
  • 15,996
  • 4
    Or, to paraphrase, "should I trust software with known illegal intent, to not try and install malware?" – Rowland Shaw Nov 03 '09 at 18:34
  • 2
    This is part of a risk/benefit analysis of stealing software. You can decrease the risk by getting the software from trusted sources but even then sometimes the trusted source releases are repacked with malware. Most of the supply groups that do releases are delivering clean software, it's the repacker/distributer that add the bad stuff. – Matt Nov 03 '09 at 20:21
  • 2
    Spyware is the least of your worries... Nothin' like a good file crypter that throws away the key. What can happen in 2015 is much more interesting... – Fiasco Labs May 07 '15 at 04:58

4 Answers4

3

Well, this question is quite subjective... Every software that does not come "untouched" from an original "trusted" editor should be treated as suspicious. So if you personally know or trust the creator of the keygen, you can consider it as safe.

Luka
  • 274
3

(ignoring all legal problems involved) you run the key generator in a 'disposable' virtual machine with the virtual network controller disabled. what's there to worry about (besides all legal problems involved)?

enjoy your virtual machine going berserk for a while, before trashing it. :)

  • Sometimes the supplied package doesn't put the malware in the keygen they put it in the install media (or both). And sometimes the keygen needs to be on the installed PC to grab reg/hardware data to make a key. So yes running the keygen in a throw away VM is a good idea but not always possible/perfect. – Matt Nov 03 '09 at 20:17
  • you might as well test the installation inside a VM, then run some up to date scanner over it ... but you are right, there is no 100% security. go and buy that stuff, some folks code for a living, ya know :) –  Nov 03 '09 at 20:32
  • Some malwares are smart enough now to check if they're running on a VM. Proves nothing to have it run without incident, once it's up a level, it knows it's got the whole playing field. The newest ones do drive wipes if you try to clean them... Get used to making good backups. – Fiasco Labs May 07 '15 at 05:08
0

The higher up the chain that the keygen comes from, the less likely it has a virus in it, but there is no one answer fits all.

Personally, in the few times I have needed to use one, I always do it on a PC that is about to be rebuilt (and disconnected from the network) or I do it in a VM and then go back to a snapshot.

But.... Don't use one illegally!

William Hilsum
  • 116,736
0

Yeah, because you might be the first one to download the Trojan. Not forgetting that big releases like Windows 7 causes some of the more creative black hat programmers out there who wish to make a name for them selfs tend to make 'key gens' under the guise of distrubing there new Trojan / spyware / kengen. Besides the fact the key gens tend to be legal bad juju.

Mark Tomlin
  • 1,299