[A2steaksauce]

[ QUOTE ]
[ QUOTE ]
[ QUOTE ]
anyway i still think that putting a trojaned update on a webserver would be next to impossible. if absolute rewrites the entire exe/dll during an update then the backdoor is gone. if absolute just patches the exe/dll then a patch is going to break at some point when things aren't how they should be.

[/ QUOTE ]


He doesn't need to modify AP client's source code. He just appends a small .exe rootkit which is then separated when installing.
It doesn't matter whether AP client is infected or not with next upgrades since rootkit is already installed from previous upgrade.

[/ QUOTE ]

ok AIG, you know too much. What's the deal?

[/ QUOTE ]

I don't know much about the technical jargon, but I can say that none of the cheating appears to have happened before the last AP update (they also had a major upgrade recently).