Internet Troubles Loom

This March 8th, the FBI is planning to unplug domain name servers (DNS) it set up to help eliminate malware from over half of Fortune 500 companies and government agencies still infected in early 2012. Computers still infected with the Trojan will not be able to access the Internet after the FBI shuts down its temporary servers.

…the feds replaced the criminals’ servers with clean ones that would push along traffic to its intended destination. Without the surrogate servers in place, infected PCs would have continued trying to send requests to the now-unplugged rogue servers, resulting in DNS errors.

The malware, called the DNSChanger Trojan, is said to illegally redirect traffic and prevent users from accessing the updates necessary to remove it. Without access to these critical patches, these large companies, government agencies, and home users are said to be more susceptible to hackers.

Computer Viruses Evolve

New malware morphs into different shapes unattended by humans

Now this is quite a fascinating story: it seems the latest development is the accidental creation of new super-malware strains by viruses infecting the executable files of worms. Worms are generally executable files and, well, viruses infect executables – so you can imagine what happens.

Ten years ago, there was a clear-cut distinction between Trojans, viruses and worms. They all had their own features specific to one family of malware only. As more people connected to the internet, cyber-criminals started mixing ingredients to maximize impact. And here I’m thinking Trojans with worm capabilities or viruses with Trojan features, and so on.

Exercise your Computer

It’s always kind of surprising to me how many people don’t really bother to maintain their PC. A lot of folks seem to think that they can simply let their computer run without any sort of user intervention at all. The trouble is, it doesn’t work that way. Just as one’s vehicle needs timely maintenance, so does your computer. Your computer is a complex, intricate machine, and it needs to be well cared for in order to function properly; if not, you will suffer problems down the road.

What’s more, it’s not just the hardware of a system that has a tendency to degrade over time. Modern computers are complex, intricate pieces of technology; fifty years ago, people wouldn’t have even dreamed this sort of stuff existed. As with any complex system, sometimes things tend to go wrong. A glitch in the software here, a misplaced line of code there, and boom. What’s shocking isn’t the fact that there are literally thousands of ways a computer could break down and simply stop working. No, what’s shocking is that most of these issues, most of these errors, are preventable. Windows users suffer through lots of problems; this is why I openly advocate Linux.

Here are a few exercises (primarily meant for Windows users) that you should do to ensure that your computer is in top working condition.


Windows Patch Tuesday – December 2011

Patch up warmly this winter if you’re running Java, as Oracle’s software platform is the single biggest target for hackers. Java proved the single most popular target in the 12-month period to the end of June, according to Microsoft’s latest Security Intelligence Report. Running Java as a Web-browser Plugin is much more dangerous than Flash, and you should disable the Java Applet Plugin.

Microsoft today issued software updates to patch at least 19 security holes in Windows XP, Vista, 2003 and 7 (no surprise there), including three flaws that earned the company’s most serious “critical” rating. Separately, Oracle released a security update that fixes several issues in its Java software.

Windows 8 Antivirus

In a move that is likely to anger the antivirus industry, Microsoft is adding security features from its Security Essentials program to Windows 8. This is good news for consumers, but bad news for the antivirus industry. Microsoft should have been doing this since the release of Windows 95. While many of us do simultaneous facepalms and giggle at a decade-late decision, others question the legality of doing so. A multi-billion dollar industry has grown, based on the absolutely porous operating system that is Microsoft Windows.

That’s right. Microsoft this week began offering U.S. customers its free antivirus program via Windows’ built-in update service, a move one major security firm said may be anti-competitive. Microsoft is adding features from its Security Essentials program, which is currently available as a separate download for Windows users, to the Windows Defender package already built into Windows. This means that Windows 8 users will get out-of-the-box protection against malware, along with firewall and parental controls from within Windows, without requiring users to hunt down a separate download or buy new software.

My Scam PC

I’ve seen this ad on TV for a program to speed up your computer off and on when viewing cable. The program that installed was called “Cyber Defender”. It’s listed on many sites on the internet as a possible Virus, Trojan or Rogue.

It would do one and only one operation and that was to scan the registry. Or at least it appeared that’s what it was doing. I was locked out of selecting any other options. Then it reported over 400 errors in my registry, but when I hit the button to Fix the problems, it took me right to their web site, where I was presented with the opportunity to spend money to buy their program.

BING!…you’re infected

Search engines from Microsoft and Yahoo! have once again been caught displaying ads that direct users to malicious content, some of which infects them with malware that’s hard to detect and get rid of, researchers said. I see that they put as much thought into who is allowed to advertise as they do in making a stable operating system.

Queries such as “FireFox Download,” “Download Skype,” and “Download Adobe Player” typed into the sites returned links promising to deliver the software requested but instead attempted to hijack people’s computers, GFI Labs researcher Christopher Boyd said in a blog post published Friday. Clicking on the links takes users to pages that look like the software maker’s official site, except for the URL.

Users who downloaded and installed the software are in for a nasty surprise.

“As an example, the fake Firefox file installs a rootkit, runs IE silently in the background attempting clickfraud and also performs Google redirects,” Boyd wrote. Microsoft and Yahoo were in the process of removing the malicious ads, he said.

It’s not the first time widely used search engines have been caught displaying ads intended to harm their millions of users. Ad services used by Google and Yahoo have repeatedly been duped into serving content that punts malware and other threats.

Criminals often go to elaborate lengths to pose as legitimate marketers in an attempt to get links to their toxic wares in front of as many eyeballs as possible.

“Microsoft’s Security Team has identified the source of this malware attack and is blocking those sites from loading additional malware,” the company said in a statement. “We are continuously monitoring our sites to protect customers; and also working with law enforcement authorities to find and prosecute the people responsible for these types of attacks.”

A Bing Forum thread has Wil from Bing telling a webmaster that it can take between 3 and 6 weeks to have a malware label removed from the search results.

This is in comparison to Google which normally can remove a malware label within 24 hours.

I am not sure if this is a special case or if most Malware reviews take 3-6 weeks at Bing. Wil from Bing said:

Your issue is already being reviewed. Malware re-evaluation requests take 3-6 weeks to finalize our review and create a new reputation ranking of the page/site. A representative will get in touch with you for updates.

When you are presented with Malware via Bing, Bing disables the link but does allow the searcher to ultimately visit the page at their own risk. I’d assume 99.999% of those searchers run.

Bing has a detailed post on Malware on their blog with more information.

Malware and hacked sites are a huge issue in search. Google has been very good at handling it for the most part recently and is excellent at removing the malware or hacked label quickly after the site is fixed. Bing takes 3-6 weeks? Well, that seems excessive. Maybe I am reading it wrong?

This is why I tell people to NOT use Internet Explorer. If you must continue using Windows, unfortunately, then please by all means use ESET NOD32 in conjunction with HitManPro.

Low-Cost $200 Computer

If you need a second or third computer but money is tight, you don’t need to buy a full system. You can build a surprisingly speedy Linux PC that will excel at everyday tasks, and cost less than $200. I highly recommend this with young children in the home, or for use as a dedicated banking computer. Why? Because you will NOT have to deal with it getting infected with a virus to boot.

No one who expected the languid economy to have fully revived by now can be cheered by the way things have gone this summer; the volatile stock market alone has been a constant dispenser of heartache. So if you’re in need of a computer, even just a small one to do basic, everyday things, you may have put it off because of the uncertainty currently surrounding, well, everything. But it’s possible to build a PC yourself for an obscenely low cash outlay—less than you’d spend on pretty much any full system on the market.

In fact, you can even do it for as little as $200. And no, that’s not a typo.

This was written about last year, back when it looked like the economy’s most turbulent days were behind it. But because money issues have persisted, and because relative luxuries like technology are usually the first line items to be cut from most home budgets, we wanted to revisit the notion. We started browsing our favorite Web components outlet, Newegg.com, with the intent of answering three questions: Could we do it again? Could we build a better computer this time around? And could we do it for significantly less than we had the first time?

The answer to the first question was a no-brainer: absolutely. Even as recently as several years ago, the PC industry hadn’t yet advanced to a point where a threshold this low would result in a complete PC of any recognizable kind. As hardware has improved, that quality has slowly filtered down to the lowest price ranges, making good components both cheaper and easier to find.

It was also obvious that our new desktop would be superior in terms of performance. We didn’t want to build exactly the same system this year, but we’d been concerned that the final product wouldn’t be different enough to justify a second attempt. But once we started shopping, it didn’t take us long to discover that prices had fallen enough in the last year for us to get some more impressive parts. You’re still not going to confuse this PC’s capabilities with those of a more expensive desktop, but even in just a year the possibilities have considerably expanded.

As for whether we could spend a lot less this year than we could in 2010… Technically, yes. But that would have violated our most important precept: This had to be a computer we could really use. Building a system that costs this little already requires major compromises in some areas, and shaving off too many additional dollars would have seriously hobbled usability and upgradability. We could have put together something for closer to $150, but we didn’t want something—we wanted a computer we could feel good about integrating into our lives right away, and feel comfortable about tweaking and expanding in the future.

What follows is a look at how we accomplished this: the parts we chose, why we chose them, how we put them together, and what we gave up along the way. We’ll also run through a list of some “budget-busting” items that we couldn’t include if we wanted to stay below our $200 ceiling, but that we’d definitely investigate if we had another few bucks to rub together.

We understand that building the least-expensive computer possible isn’t something that will appeal to everyone. As we said last year, this is as much a thought experiment as it is an actual build project—you can do it, and get great results (we still use our original sub-$200 PC regularly), but under most circumstances you would make different, more expensive, and (we admit it) more exciting choices. What it proves, however, is that you should never feel constrained by your bank account, even if it’s as empty as a politician’s promises. When you’re building computers, almost anything is possible at any price, and with a little bit of research, a little bit of thought, and a little bit of sacrifice, you can get what you need without courting bankruptcy. In economic times both scary and spirited, that’s something worth remembering.

Once you remove Microsoft from the picture, you start saving hundreds of dollars. How, you may ask? Well, you can obtain a complete OS like Linux Mint online and download a full office suite like LibreOffice for $0.

Windows PC Malware

The latest semi-annual Security Intelligence Report (SIR) from Microsoft has been released, and its 232 pages carry reminders of some important facts about computer viruses, other malware and overall PC security.

Here is the link to their blog: http://blogs.technet.com/b/security/archive/2011/10/10/latest-microsoft-security-intelligence-report-now-available.aspx

When it comes to Windows, there are ten things that one should keep in mind:

Infections happen

According to the report, of all the computers that visited the Microsoft Malicious Software Removal Tool (MSRT) in the first half of 2009, 8.7 out of 1,000 (that is, not quite one percent) had some kind of malware infection identifiable by the tool.

The hot spots were Serbia and Montenegro, where the rate was 97.2 per thousand, Turkey with 32.3, Brazil with 25.4, Spain with 21.6, South Korea with 21.3, Saudi Arabia with 20.8, and Taiwan with 20.4.

The cleanest were computers in Finland with a rate of 1.9. The U.S. rate of 8.6 was nearly the same as the global average. (Other sources–typically malware protection vendors who see no reason to be coy–quote much higher infection rates.) Not mentioned by the Microsoft report is that Apple Macintosh infections remain rare.

Malware amounts to an ecosystem

There are viruses that replicate themselves and spread to other computers, sometimes just for the sake of it.

They’re called worms if they do it through e-mail or instant messaging. Trojans follow the metaphor of Homer’s Trojan Horse, whose occupants emerged in the night to open Troy’s gates to a devastating attack. Spyware watches your actions for marketing purposes. Adware produces annoying popup ads. Malware, incidentally, is any software you didn’t ask for, especially software that has malicious intent. A bug, meanwhile, is any software that doesn’t work right–and may be preferable to malware.

Malware has many sources

You can get an infection by visiting a malicious Web site, or by clicking a file attached to spam e-mail, through a p2p file-sharing network, by downloading what you thought was free software, or by using an infected removable device like a USB memory stick. Intrusion attacks can come in over the Internet.

Malware can bite

Many trojans will download other malware that takes root in your computer and starts doing nasty things. These include password stealers and keyloggers that will try to swipe your account information so that someone else can swipe your money. Or they may turn your computer into a botnet node, under the remote control of a bot herder, who will typically use it to spew spam.

Trojans rule (in the U.S.)

If you’re going to get an infection, at least in the U.S. it’s likely to be some kind of Trojan. According to the SIR, 42 percent of the infections that the MSRT discovered were Trojans. Adware was also big at 16.3 percent. Nasty password stealers amounted to 4.1 percent. Elsewhere, infections are a toss-up. In Brazil, for instance, password stealers aimed at on-line banking predominate. Spain and South Korea have little in common, but both are afflicted by worms that target on-line gamers.

Vulnerabilities vary

Not all operating systems are equally vulnerable. Microsoft’s figures show that unpatched Windows XP has an infection rate of about 32.5 per thousand–about four times the global average. The rate falls to a sub-average 8 per thousand for Windows XP with Service Pack 3 (i.e., fully updated). The rate for updated Vista machines was 3.1 per thousand for the 32-bit version, and 2 per thousand for the 64-bit version.

Patching works

Hackers have a reputation of being ahead of the software vendors, but in reality they often use vulnerabilities for which patches have already been issued. Even when the bad guys get the upper hand, it may not be for long. Microsoft likes to use the example of the “Reno” Trojan that was attacking Vista, causing Windows Explorer to generate trackable error reports. After Microsoft issued a patch, the reports fell from 1.2 million error reports daily to less than 100,000–in three days. Within a month it was off the chart.

Updating works

The rate of infection of 64-bit versions of software was usually a third lower than the rate of infection of the 32-bit version.

Malware is not the only danger

The big news is the rise in phishing–e-mail that tries to trick you into revealing information that could be used for ID theft or other fraud. The phishers have been going after denizens of social networking sites and even large corporations.

Upshot: Update your gray matter

Software can’t protect you against the phishing plague–only common sense can do that. If some random e-mail asks for your personal information because somehow otherwise your bank account, or your game subscription, or your corporate computer privileges will be suspended, delete it.

Yes, this is why I show people Linux all the time, where you do not put up with all this mess. Who has the time to keep up with all of this garbage? It’s a wonder anyone gets any work done using Windows. There are two lines that I carry with me and I use them often these days:

“In a world without walls and fences, who needs Windows and Gates?”

“I get paid to support Windows, I use Linux to get work done.”

PC Phone Scam


Online con artists are targeting PC users worldwide in a brazen scam. It starts with a phone call from a “tech support specialist” who warns that your computer is infected with a virus. To fix things, all you have to do is give the caller remote access to your PC. Here’s what happens next.

An old social-engineering scam appears to have taken on new life lately, targeting PC users worldwide.

Ironically, the scam doesn’t use a computer at all—at least, not initially. Instead, it starts with a phone call from someone who claims to be affiliated with Microsoft or another legitimate company or government agency.

The caller then asks for the primary computer user in the house, who is told: “Your computer has downloaded a virus.” And, of course, the caller is ready and willing to fix the problem. All you have to do is navigate to a web site, click a link to install some remote-control software, and allow the “technician” to get to work.

The perps are using legitimate remote-assistance software, like the Ammyy Admin program from Ammyy Software Development, which posted a warning that included some reports the company has received from scam victims:

“I got call from an India based consultant who said to me that he is calling from a govt. organisation in Melbourne, Australia. He made me to log into my computer to track some files and without advising me he wanted me to download a software application from ammyy.com and get remotely connected to a technician to delete some files…”

“I was recently called by what I thought was my internet service provider technician who used Ammyy to gain remote access to my computer – after I stupidly granted him that permission. It turns out that he was nothing to do with my internet service provider. When I became suspicious and began questioning him he said he would show me who he was and opened a website of a company – the web site triggered my virus software and I then demanded that the remote access be terminated…”

The scam has been around for a few years. Charles Arthur at the Guardian UK wrote about a similar scam last year, noting that it had been “going on quietly since 2008 but has abruptly grown in scale this year.” He wrote about it again in March 2011. This appears to be another wave, judging from the sudden increase in complaints I’ve seen recently.

I’ve heard from Windows users and legitimate support specialists who’ve seen this scam in action in Australia, Canada, and the UK. I also got one reliable report from an extremely trustworthy source: my mother.

A caller with a thick accent tried to run this scam on a user, who peppered the caller with questions. What’s your name? What’s your company’s name again? What’s your phone number?

A user’s Caller ID said the call originated from 999-910-0132; the caller claimed to be from a company that sounded something like Alert Center, and she gave a callback number of 609-531-0750.

If you plug those numbers into a search engine, you’ll find that they lead to a group of companies using identical website templates under different names, including TechResolve, Itek Assist, and—bingo—AlertSoft. A company with the unimaginative name Custom Design Firm, at the same address in Kolkata, India, also offers custom web-design and search-optimization services at exorbitant prices.

The user eventually hung up on the scammers, but others haven’t been so lucky. If a victim falls for the scam, the next step involves a credit card, naturally, as this victim reported:

Posed as troubleshooter, got into my system, used a “safe code” to get into my computer. Claimed my machine has been hacked into and infected with a virus. Tom and John, heavy Asian accents. Wanted to install “lifelong protection” for $130. I balked. They have my name and number and have been calling incessantly. I’m concerned that they might have planted something in my computer that allows them access.

Indeed, that’s a legitimate concern. Once a victim has granted an intruder remote access, it’s impossible to tell exactly what sort of damage they’ve done. If you know someone who has fallen for this scam, you should assume their computer has been compromised and respond appropriately.

Most readers of this blog are sophisticated computer users who would laugh out loud at an attempt like this. But you probably have friends, family members, or clients who could use a heads-up on this one. If you get a call from someone claiming to have detected a virus on your PC, just hang up.
