
You have two weeks to clean up your computer...... or else.



Posted


It's a virus spread by phishing emails and dodgy links, that's installed itself silently on unprotected computers.

It's already been used to steal an estimated $100m by siphoning off peoples' bank details etc.

Apparently they have temporary control over it so that it can't do anything, but that expires in two weeks.

Because it's now been publicised, they anticipate that as soon as their controls lapse, the criminals that control it will go to work. It can do two things:

(1) Steal your passwords.

(2) (Possibly) Encrypt your hard disk and ask you for money to decrypt it.

They recommend:

(1) Running one of the scanners listed above.

(2) Applying all Windows patches (i.e. do a Windows Update).

(3) Applying all patches to things like Java, Adobe Reader, etc, (Secunia PSI is good for this).

(4) Making sure you have a decent anti-virus package installed, and that you keep it up to date.

(5) Changing your passwords.

"It's already been used to steal an estimated $100m by siphoning off peoples' bank details etc."

Can you please share some further information:

Is that meaning cyber based bank accounts (Internet banking), or?

In other words are my simple savings accounts, with Thai banks (not connected to internet banking) also at risk of this skimming?

And, are simple savings account with an ATM card at higher risk compared to accounts with no ATM card?

Please share, and thank you.

If you don't have online banking you're OK. The risk here is that people have their online banking credentials stored on their computer, or login while the malware is monitoring keystrokes.

The criminals will then login to your account and transfer money to accounts of their choice.

Although sometimes they've already conned some idiot to be their "Finance Manager" and put the money in their accounts, then ask them to take out 95% of it and send it Western Union or something.

You'd be amazed how gullible people can be when they're getting free money.

One Dubai bank took a couple of hundred of its account holders to court a year or two for doing exactly that.

Posted


Mac no attack!

Is this true? I just had a new, Windows 8 computer shipped from America. Should I have gone Apple??

Yes

Windows: Tiny chance of losing a lot.

Mac: 100% chance of paying too much for your computer and the software it runs.

It's probably a wash if you keep your security up to date.

Probably notable that the attack is related to Cryptolocker, which encrypts your hard drive until you send them money for the solution. So it's not just about stealing passwords and bank info.

What's too much? No headaches, and it is cheaper than tossing my window based pc out the window and buying another one cause "I aint gonna change my mind" attitude.

Posted

Linux, game over (I win)

Sent from my Galaxy Nexus SlimKat using Tapatalk

Me too. Just updated all four of my computers to Mint 17 :-)

Also who is stupid enough to get caught out by phishing emails these days???

  • Like 1
Posted (edited)

In all actuality...Mac's get infected also...they are not 100% immune to the nasties

out in the ether we know as the internet/world wide web. Mac's just don't get infected

as often as MS products do...that's all.

This new stealth threat poses some serious concerns we should all be aware of

instead of thinking or expounding "I'm Safe"...because we are not safe...both

Mac & Win users...and the Linux community.

The following are links to various websites with more info on this "new" threat

which actually isn't that new...it's just been reworked to make it more nasty than

before. Links below...

http://www.syssec-project.eu/m/page-media/3/zeus_malware13.pdf

http://nakedsecurity.sophos.com/2014/02/27/notorious-gameover-malware-gets-itself-a-kernel-mode-rootkit/

http://threatpost.com/fbi-european-authorities-go-after-gameover-zeus-botnet

https://threatpost.com/cryptolocker-creators-infected-nearly-250000-systems-earned-30m-since-september/103261

https://threatpost.com/gameover-zeus-variant-sends-malicious-email-cutwail-botnet-120512/77284

http://www.us-cert.gov/ncas/alerts/TA14-150A

http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download-now.aspx

The last link is for the Sophos free scanner & removal tool...just FYI. It will work with your

current security software without any hiccups. I just ran it on my machine without a single

problem & I use Bitdefender Totalsecurity...which is kinda picky in itself.

Run your security software after updating it for this threat, if you're clean then back

up your computer NOW....not tomorrow or next week.

Hope this helps somebody...or a lotta people.

Edited by sunshine51
Posted

This sounds vaguely familiar; perhaps that's why I find homeland security and FBI led info dubious.

It was within a year or so another phishing/malware bug was detected, that called home, or out, and authorities set up a dummy server routing the multitudes of requests- of countless users to countless websites- through this dummy server. Ppl would have hardly realized this was happening but by this action the final step of the malware- the call home- was prevented at the server. However they could not do this indefinitely and eventually announced that yes, the bug is still out there, and by x date we, the us Gov, will take this server off line. Therefore, please update Microsoft antivirus, blah, blah.

For me this post sounds oddly similar. For two, such oddly behaving bots, to become "scary monsters" within such a short period of time, and this second not even reference the Homeland Security phishing/server affair from less than one year ago, is incredulous. I'm sure it's valid; no sense not to believe it, it just smells really funny. Both announced a pre existing bot and an expiry to act. With bot countdowns, you must either know the bot is clocking down or admit a server is artificially postponing time.

Folks should generally keep all the updates current, and antivirus AND malware software current. Most threats are not defined as viruses any longer, folks. You need these items and I would seriously consider a better firewall than Windows- it's ok at stopping things from getting in, but sucks from stopping software from calling out. (I use KIS Malwarebytes and Zone Alarm- and I stay safe doing some unsafe things).

  • Like 2
Posted

Mac: 100% chance of paying too much for your computer and the software it runs.

I appreciate that Mac's might be out of many's budget, but they're certainly not overpriced, if you compare apples to apples and understand that quality costs.

I have 130K Baht Sony VAIO-Z I never use at all anymore since work provided me with a 110K Baht Macbook Pro (which runs Windows as well as OSX BTW - it's not about the OS).

The Mac is the first computer I've *ever* used that doesn't piss me off. Hard to put a price on that

I have a top of the range Sony Vaio laptop, a 2013 Macbook Air, a Zotac AD10 media box and a very high end desktop - On all these machines the first thing I did was wipe the OSs (win 7, win 8 and OSX) and replace it with Linux Mint.

Posted

In all actuality...Mac's get infected also...they are not 100% immune to the nasties

out in the ether we know as the internet/world wide web. Mac's just don't get infected

as often as MS products do...that's all.

This new stealth threat poses some serious concerns we should all be aware of

instead of thinking or expounding "I'm Safe"...because we are not safe...both

Mac & Win users...and the Linux community.

The only reason Mac and Linux get less infected is that less PC's run those operating systems, but in fact they are as vulnerable as Windows. It has nothing to do with better quality.

In fact Open source OS is the most vulnerable of all, but it would affect the least people, so why bother

The point is that the culprits who create the malware try to affect as many operating systems as possible with their threats, hence they write it for the most widespread operating system.

  • Like 1
Posted (edited)

Really, really thanks.

But can I have the 'Dummies' version please?

Dumb it down to me, explain the implications, that which is affected and what to do.

Thanks

Dummies version:

If your PC runs Windows, go update your antivirus definitions and run a full system scan. Then do it again tomorrow, and the next day, and the next - JIC

If your PC runs OSX, just keep on waiting with baited breath for Yosemite

"If your PC runs OSX, just keep on waiting with baited breath for Yosemite"

Bated or baited?

I had a good kitty once whose breath seemed to have been baited by a tuna.

Same old nitpicking crap by others wanting to undermine members who only want to help !!!! Get a life !!

He said picking nits. I have a life thank you. Fortunately it isn't burdened by constipation and still finds harmless humor in the things people say. I certainly appreciate the member informing me I should "wait[ing] with baited breath for Yosemite" as well as your helpful comments about crap, an area in which I readily concede that your expertise far surpasses mine. Get a life indeed.

Edited by Suradit69
Posted

In all actuality...Mac's get infected also...they are not 100% immune to the nasties

out in the ether we know as the internet/world wide web. Mac's just don't get infected

as often as MS products do...that's all.

This new stealth threat poses some serious concerns we should all be aware of

instead of thinking or expounding "I'm Safe"...because we are not safe...both

Mac & Win users...and the Linux community.

The only reason Mac and Linux get less infected is that less PC's run those operating systems, but in fact they are as vulnerable as Windows. It has nothing to do with better quality.

In fact Open source OS is the most vulnerable of all, but it would affect the least people, so why bother

The point is that the culprits who create the malware try to affect as many operating systems as possible with their threats, hence they write it for the most widespread operating system.

Typical hawg-waller myth.

Recent assessment: http://www.zdnet.com/uks-security-branch-says-ubuntu-most-secure-end-user-os-7000025312/

Another article of interest: http://www.freeyourselffrommicrosoftandthensa.org/01-how-micrsoft-became-a-branch-of-the-nsa/1-2-why-linux-is-more-secure-than-windows

Posted (edited)

Did anyone actually read all of this tome? I'd rather get a root canal than do so.

Edited by HerbalEd
Posted

It's a virus spread by phishing emails and dodgy links, that's installed itself silently on unprotected computers.

It's already been used to steal an estimated $100m by siphoning off peoples' bank details etc.

Apparently they have temporary control over it so that it can't do anything, but that expires in two weeks.

Because it's now been publicised, they anticipate that as soon as their controls lapse, the criminals that control it will go to work. It can do two things:

(1) Steal your passwords.

(2) (Possibly) Encrypt your hard disk and ask you for money to decrypt it.

They recommend:

(1) Running one of the scanners listed above.

(2) Applying all Windows patches (i.e. do a Windows Update).

(3) Applying all patches to things like Java, Adobe Reader, etc, (Secunia PSI is good for this).

(4) Making sure you have a decent anti-virus package installed, and that you keep it up to date.

(5) Changing your passwords.

Bangkok Bank has just notified customers that they're closing their computer for maintenance as from tomorrow morning.

Posted

Current Bangkok Bank advisory is for mbanking (phone/ipad) only as below:

Due to system maintenance, Bualuang mBanking will be temporarily unavailable on Friday June 6th, 2014 at approximately 11.00 p.m. until Saturday June 7th, 2014 at approximately 09.00 a.m.
(Bualuang iBanking can be used normally.)
Posted

To help defeat all the new malwares of the day, I change all my passwords twice a day, do a full antivirus scan first thing in the morning and before going to bed, and only access the internet when I absolutely have to...like to download new antivirus updates and use ThaiVisa.

Doing all of above makes my use of computers nowadays pretty labor intensive and not much fun anymore. I'm thinking about reverting to a rotary dial phone, snail mail, and printed newspapers....I figure if my parents survived in such a "non-computer" world I can too. But on second thought, I'll probably decide to continue to use my computers and just not jump-off-the-cliff with each new malware I hear about....plus, I couldn't stand to give up ThaiVisa. OK, time to log off ThaiVisa as I need to scan my computer.

  • Like 1
Posted

Just to be 100%

It comes in within a link or an email.

So....do NOT open anything that you don't recognise.

The problem is that a lot of drive by hackers these days drop their malware links onto legitimate sites, so you can click on something that you expect to be clean and it isn't.

When I spot such things I normally email the webmasters to tell them, but only about 1/10 respond.

Posted

Just to be 100%

It comes in within a link or an email.

So....do NOT open anything that you don't recognise.

The problem is that a lot of drive by hackers these days drop their malware links onto legitimate sites, so you can click on something that you expect to be clean and it isn't.

When I spot such things I normally email the webmasters to tell them, but only about 1/10 respond.

Scary.

Could you please elaborate a little as to how we could recognise the threat.

I always thought that I had to open/download a virus and this was always in an email or a link in a site I don't recognise.

Thanks for your great post....very informative.

Posted

The only reason Mac and Linux get less infected is that less PC's run those operating systems, but in fact they are as vulnerable as Windows. It has nothing to do with better quality.

In fact Open source OS is the most vulnerable of all, but it would affect the least people, so why bother

The point is that the culprits who create the malware try to affect as many operating systems as possible with their threats, hence they write it for the most widespread operating system.

This post is such utter nonsense that it doesn't even warrant a response, except that TV members should be aware that he hasn't the slightest clue what he is talking about!

Sent from my Galaxy Nexus SlimKat using Tapatalk

  • Like 1
Posted

The only reason Mac and Linux get less infected is that less PC's run those operating systems, but in fact they are as vulnerable as Windows. It has nothing to do with better quality.

In fact Open source OS is the most vulnerable of all, but it would affect the least people, so why bother

The point is that the culprits who create the malware try to affect as many operating systems as possible with their threats, hence they write it for the most widespread operating system.

This post is such utter nonsense that it doesn't even warrant a response, except that TV members should be aware that he hasn't the slightest clue what he is talking about!

Sent from my Galaxy Nexus SlimKat using Tapatalk

Strangely enough he is spot on. The criminals want the best bang for their buck so they target the most common OS's.

The Open Source bit is a controversial subject; some think everyone seeing the source code makes it easier to write exploits, others say that the fact that everyone can see the source code makes it easier to spot them.

But it is definitely less of a target than MS operating systems.

So if his post is "utter nonsense" perhaps you'd care to share your opinion with us as to why?

  • Like 1
Posted

Just to be 100%

It comes in within a link or an email.

So....do NOT open anything that you don't recognise.

The problem is that a lot of drive by hackers these days drop their malware links onto legitimate sites, so you can click on something that you expect to be clean and it isn't.

When I spot such things I normally email the webmasters to tell them, but only about 1/10 respond.

Scary.

Could you please elaborate a little as to how we could recognise the threat.

I always thought that I had to open/download a virus and this was always in an email or a link in a site I don't recognise.

Thanks for your great post....very informative.

To be brutally honest I'm not sure you can, unless your anti-malware picks it up. The only reason I see so many is that we run an Intrusion Detection appliance here that has access to a large database of exploits and runs any executable code in a Virtual Machine to see if it's harmful. This all happens before it gets anywhere near the user's PC.

I would bet that out of the estimated million machines that have GoZ on them, many of them will have up to date antivirus software that just didn't spot it.

Having said that, if you really want to do as much as you can to protect yourself, there are things you can do in your Browser to tighten things up. Here's some bedtime reading for you.

http://www.us-cert.gov/publications/securing-your-web-browser

Posted (edited)

Just to be 100%

It comes in within a link or an email.

So....do NOT open anything that you don't recognise.

The problem is that a lot of drive by hackers these days drop their malware links onto legitimate sites, so you can click on something that you expect to be clean and it isn't.

When I spot such things I normally email the webmasters to tell them, but only about 1/10 respond.

Scary.

Could you please elaborate a little as to how we could recognise the threat.

I always thought that I had to open/download a virus and this was always in an email or a link in a site I don't recognise.

Thanks for your great post....very informative.

To be brutally honest I'm not sure you can, unless your anti-malware picks it up. The only reason I see so many is that we run an Intrusion Detection appliance here that has access to a large database of exploits and runs any executable code in a Virtual Machine to see if it's harmful. This all happens before it gets anywhere near the user's PC.

I would bet that out of the estimated million machines that have GoZ on them, many of them will have up to date antivirus software that just didn't spot it.

Having said that, if you really want to do as much as you can to protect yourself, there are things you can do in your Browser to tighten things up. Here's some bedtime reading for you.

http://www.us-cert.gov/publications/securing-your-web-browser

Thanks again.

Is it just coincidence that just right now I got in 4 daemon mailer failure notices with links and 2 with an attached file???

I just hope to heck that the anti virus boys will get a detect in their programmes to us pronto.

Edited by harleyclarkey
Posted

The only reason Mac and Linux get less infected is that less PC's run those operating systems, but in fact they are as vulnerable as Windows. It has nothing to do with better quality.

In fact Open source OS is the most vulnerable of all, but it would affect the least people, so why bother

The point is that the culprits who create the malware try to affect as many operating systems as possible with their threats, hence they write it for the most widespread operating system.

This post is such utter nonsense that it doesn't even warrant a response, except that TV members should be aware that he hasn't the slightest clue what he is talking about!

Sent from my Galaxy Nexus SlimKat using Tapatalk

Strangely enough he is spot on. The criminals want the best bang for their buck so they target the most common OS's.

The Open Source bit is a controversial subject; some think everyone seeing the source code makes it easier to write exploits, others say that the fact that everyone can see the source code makes it easier to spot them.

But it is definitely less of a target than MS operating systems.

So if his post is "utter nonsense" perhaps you'd care to share your opinion with us as to why?

You are right Sir, in my haste to reply from my phone I did not edit properly - the first and third statements are valid enough, it is the second which is utter nonsense. This isn't the first time he has made such claims without any evidence to back it up. Regarding points 1 and 3 though, this only applies to desktop systems, let's not forget that only about 25% (if that) of the internet backbone is made up of Microsoft systems

Sent from my Galaxy Nexus SlimKat using Tapatalk

Posted

To help defeat all the new malwares of the day, I change all my passwords twice a day, do a full antivirus scan first thing in the morning and before going to bed, and only access the internet when I absolutely have to...like to download new antivirus updates and use ThaiVisa.

Doing all of above makes my use of computers nowadays pretty labor intensive and not much fun anymore. I'm thinking about reverting to a rotary dial phone, snail mail, and printed newspapers....I figure if my parents survived in such a "non-computer" world I can too. But on second thought, I'll probably decide to continue to use my computers and just not jump-off-the-cliff with each new malware I hear about....plus, I couldn't stand to give up ThaiVisa. OK, time to log off ThaiVisa as I need to scan my computer.

I've just checked and I have 342 passwords of which at least 50 are ones I need to access daily or regularly.

I use Lastpass to manage all my passwords though so I can have passwords like this - D7d60R%846E0z0d and I don't need to remember them, I only need to remember my 30 character master password (and good luck to anyone that thinks they can crack that any time soon).

I highly recommend Lastpass

Posted

"If your PC runs OSX, just keep on waiting with baited breath for Yosemite"

Bated or baited?

I had a good kitty once whose breath seemed to have been baited by a tuna.

Same old nitpicking crap by others wanting to undermine members who only want to help !!!! Get a life !!

He said picking nits. I have a life thank you. Fortunately it isn't burdened by constipation and still finds harmless humor in the things people say. I certainly appreciate the member informing me I should "wait[ing] with baited breath for Yosemite" as well as your helpful comments about crap, an area in which I readily concede that your expertise far surpasses mine. Get a life indeed.

I'm happy that as a non-native English speaker I was able to provide you some comic relief

Posted

To help defeat all the new malwares of the day, I change all my passwords twice a day, do a full antivirus scan first thing in the morning and before going to bed, and only access the internet when I absolutely have to...like to download new antivirus updates and use ThaiVisa.

Doing all of above makes my use of computers nowadays pretty labor intensive and not much fun anymore. I'm thinking about reverting to a rotary dial phone, snail mail, and printed newspapers....I figure if my parents survived in such a "non-computer" world I can too. But on second thought, I'll probably decide to continue to use my computers and just not jump-off-the-cliff with each new malware I hear about....plus, I couldn't stand to give up ThaiVisa. OK, time to log off ThaiVisa as I need to scan my computer.

I've just checked and I have 342 passwords of which at least 50 are ones I need to access daily or regularly.

I use Lastpass to manage all my passwords though so I can have passwords like this - D7d60R%846E0z0d and I don't need to remember them, I only need to remember my 30 character master password (and good luck to anyone that thinks they can crack that any time soon).

I highly recommend Lastpass

I guess you've got about 49 active friends on FB then? :D:P

Posted

To help defeat all the new malwares of the day, I change all my passwords twice a day, do a full antivirus scan first thing in the morning and before going to bed, and only access the internet when I absolutely have to...like to download new antivirus updates and use ThaiVisa.

Doing all of above makes my use of computers nowadays pretty labor intensive and not much fun anymore. I'm thinking about reverting to a rotary dial phone, snail mail, and printed newspapers....I figure if my parents survived in such a "non-computer" world I can too. But on second thought, I'll probably decide to continue to use my computers and just not jump-off-the-cliff with each new malware I hear about....plus, I couldn't stand to give up ThaiVisa. OK, time to log off ThaiVisa as I need to scan my computer.

I've just checked and I have 342 passwords of which at least 50 are ones I need to access daily or regularly.

I use Lastpass to manage all my passwords though so I can have passwords like this - D7d60R%846E0z0d and I don't need to remember them, I only need to remember my 30 character master password (and good luck to anyone that thinks they can crack that any time soon).

I highly recommend Lastpass

I guess you've got about 49 active friends on FB then? :D:P

Not everyone I know is on Facebook and I wouldn't want to be Facebook friends with everyone I know.... but I still have over 1000 friends on FB.

The number is low because I only connect to people I've known for a few years in person, none of that adding any idiot that wants to 'be friends'.

If I don't know someone in person they are not a friend.
