A warning, K-Lite codec pack can install Infatica.

pc1

May 7, 2018
I recently saw unusual entries in my Asus router's AI Protection logs. I ran a full scan with Windows Defender and found nothing. I then ran Malwarebytes, and it flagged Infatica as a PUP. Infatica is a proxy service, and while it can have legitimate uses, it has high potential for malicious use. When you first install K-Lite codec pack, it will also install Infatica unless you deselect it. (K-Lite codec pack updates do not install Infatica, just a full install.) Just a warning to be very careful to not install Infatica during a K-Lite codec pack install. Anyway, I'm now planning a full system wipe and install of Windows LTSC.
 
Good to know.

Yes, so many of my clients and friends will install a legit program but in their haste (I guess) fail to notice and uncheck boxes for McAfee Scan, Mindspring crap and so on ad nauseam then call me, I look at it and of course I hear "...but I didn't install that." :lmao:
 
Have you asked the authors why it installs this if it has legitimate uses? It may be for their update service or some other reason, e.g. usage data. I have K-Lite on my system and Malwarebytes, and it doesn't detect Infatica on my system, albeit my K-Lite is an older version.
 
I posted the question at codecs.forumotion.net; it was silently deleted soon after. The attached image is the step in the install process where you have to decline the Infatica installation, and does not suggest it has any legitimate use.
As for the threat actors, the system I had inadvertently installed Infatica on during K-Lite install, soon began lighting up my router's AI Protection logs with many entries for "Malicious Sites Blocking", "Two-Way IPS", and "Infected Device Prevention and Blocking".
I wiped the system and reinstalled to a prior backup, installed K-Lite without Infatica, and no more AI Protection entries were seen.

infatica.PNG
 
That is new. It seems obviously a commercial deal with K-Lite.

I personally wouldn't want it installed.

Web search results:



Thanks for bringing this to everyone's attention.
 
And just FYI, to get an idea of the threat level resulting from Infatica, the router's AI Protection logs had literally hundreds of entries in these threat categories:
C&C Server
SSH Brute Force Login
WEB SQL injection attempt -2.u
WEB SQL injection attempt -41
WEB SQL injection attempt -17.a
EXPLOIT Arbitrary Code Injection -1
WEB Apache HTTPD mod_proxy_ajp Denial Of Service (CVE-2011-3348)
WEB Remote File Inclusion /etc/passwd

and hundreds more "Malicious Sites Blocking" entries
 