The Computer Virus Industry
The Sockpuppet of
Joined: 16 Jul 2004
Total posts: 4002
Location: In the Nostril of The Crawling Chaos
Gender: Unknown
Posted: 29-11-2013 12:55

rynner2 wrote:
Help! I'm Johnny Ball and I've been robbed

Presumably if anyone replied to the email and asked 'how much should I give?' the response was 'Think of a number'. Wink
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 06-12-2013 08:33

Microsoft disrupts ZeroAccess web fraud botnet

ZeroAccess, one of the world's largest botnets - a network of computers infected with malware to trigger online fraud - has been disrupted by Microsoft and law enforcement agencies.

ZeroAccess hijacks web search results and redirects users to potentially dangerous sites to steal their details.
It also generates fraudulent ad clicks on infected computers then claims payouts from duped advertisers.
Also called the Sirefef botnet, ZeroAccess has infected two million computers.
The botnet targets search results on Google, Bing and Yahoo search engines and is estimated to cost online advertisers $2.7m (£1.7m) per month.

Microsoft said it had been authorised by US regulators to "block incoming and outgoing communications between computers located in the US and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes".
In addition, the firm has also taken control of 49 domains associated with ZeroAccess.

David Finn, executive director of Microsoft Digital Crimes Unit, said the disruption "will stop victims' computers from being used for fraud and help us identify the computers that need to be cleaned of the infection".

The ZeroAccess botnet relies on waves of communication between groups of infected computers, instead of being controlled by a few servers.
This allows cyber criminals to control the botnet remotely from a range of computers, making it difficult to tackle.

According to Microsoft, more than 800,000 ZeroAccess-infected computers were active on the internet on any given day as of October this year.
"Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts," Microsoft said.

However, the firm said its latest action is "expected to significantly disrupt the botnet's operation, increasing the cost and risk for cyber criminals to continue doing business and preventing victims' computers from committing fraudulent schemes".
Microsoft said its Digital Crimes Unit collaborated with the US Federal Bureau of Investigation (FBI) and Europol's European Cybercrime Centre (EC3) to disrupt the operations.

Earlier this year, security firm Symantec said it had disabled nearly 500,000 computers infected by ZeroAccess and taken them out of the botnet.
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 11-12-2013 09:11

The 12 cyber-scams of Christmas
By Prof Alan Woodward, Department of Computing, University of Surrey

This Christmas looks like being a bumper one for online shopping but not everyone is filled with the festive spirit and some have already set online traps they hope you will fall into.
Here are twelve cyber-scams to watch out for this Christmas:

The first scam of Christmas is phishing

They've been around for years and we've all received a version.
Fraudsters send you a message and attempt to make you click on a link to a fake site or open some malware that infects your machine.

They may be old but they have evolved and some are very cleverly targeted (known as spear phishing). Imagine you are placing orders on a well-known website for gifts. Suddenly you receive an email - apparently from that very site - saying that there is a problem with your last order and can you please "click here" to attend to the problem.

Logos, email addresses, even the link might look genuine but you'll get more than you bargained for if you do as the email asks. Check twice and click once.

The second scam of Christmas is the fake virus checker

You search for that elusive gift, and finally you're led to a site that appears to sell just what your nearest and dearest want.
But wait, a message flashes up saying that your machine is infected… but don't worry just download the free virus check shown and your problem will be solved.

By downloading it you will actually be infecting your machine and your problems will only just have begun. Install a good virus checker before you go online.

The third scam of Christmas is the fake upgrade

As the Christmas spirit gets going we all send each other links to jokes and videos, on Facebook, by email and via Twitter.
Now imagine you arrive at one of these sites and it tells you that you don't have the latest Flash Player so you can't watch that funny video, but not to worry click here and you can get your upgraded player immediately.

Not only will this "upgrade" be malware but that malware will go on to send messages to all your friends telling them to go see the "funny" video.

The fourth scam of Christmas is the "current news scam"

People will use major world events to scam you out of money, regardless of how sad the event may have been. We saw it with Typhoon Haiyan in the Philippines.
Difficult to believe in a season of goodwill but before the aid agencies had reached the poor people affected there were already scam emails and associated websites asking you to donate.
They look genuine but don't be fooled. The money goes nowhere but to the scammers.

The fifth scam of Christmas is the illegal "cracked" download

Many will be buying laptops or other computing devices for under the tree.
They are expensive and there are many tempting offers to buy incredibly cheap operating systems, office products or other tasty goodies. There are even more tempting opportunities to download "free" copies of "cracked" pirated software.

However, not only are you likely to find that the download is an illegal copy - and may not actually run or has an invalid key - but also that it comes with a hidden present: malware.

Buy from reputable sites and remember if it's too good to be true then it probably is.

The sixth scam of Christmas is the drive-by download

Sadly you do not have to agree to download software from a malicious site for it to happen. There are ways in which malware can be wheedled on to your machine just by visiting a site.

We all roam randomly around the internet, especially when looking for presents, so it is hard to avoid such sites. However, try to watch for a trail that leads you into totally uncharted waters. It's difficult, but think before you click.

And, keep your virus checker and your browser up to date. Both increasingly afford some protection against this type of scam.

The seventh scam of Christmas is the fake free wi-fi

For those who do venture out you will doubtless take refuge at some point in somewhere like a coffee shop, and often it appears to have free wi-fi.
Such wi-fi connections should be considered insecure, so you should not visit any site where you need to enter credentials, card details or the like.
All of that might be visible to others who can monitor your insecure connection to the free wi-fi.

The eighth scam of Christmas is the wi-fi probe

Something few realise is that when we connect our mobile phone to a wi-fi, it keeps a record of the connection.
Thereafter if the device is not connected to a hotspot, it continues to send out requests to connect to all the previous networks to which it had linked.
These can be read and we are revealing all wi-fis we have previously joined.
In effect, your movements can be tracked and often your home network will even reveal where you live just by the name you have given it.

Don't give scammers information they might use against you in some form of con.

The ninth scam of Christmas is a combination of the last two

If you keep your mobile wi-fi turned on there are methods whereby, as your mobile sends out a request to connect to a hotspot, a scammer can then pretend to be that very wi-fi.
Your mobile is relieved to have found a connection it knows and so attempts to create a link, potentially giving away your wi-fi password.
Worse still, your mobile might think it has a secure connection and start to send other data that can be picked up by the scammer.

This and the two previous scams can all be stopped by simply turning off your wi-fi on your mobile's settings when not on a hotspot you trust.

The 10th scam of Christmas is the insecure website

Whether intentional or not, some websites still ask you for your credit card details - and much other valuable personal data - without offering a secure connection.

Know how your browser tells you that you have a secure connection - look for the padlock symbol or change of coloured address bar or whatever it is.
If you don't have a secure connection don't trust that site with your details.
They either can't be bothered, in which case they don't deserve your custom, or they're a fake.
Even if it is a secure connection make sure you click on the padlock symbol or similar to check that the site is registered to who you think it is.

The 11th scam of Christmas is the Man In The Middle (MiTM)

There is no point in having a secure connection to your bank or shopping site if there is a piece of software sitting on your machine that can read all of the data before it is secured for transmission.
A particularly common MiTM scam is for a "helper" application that has been installed to make your life easier when using your browser.
This helper may be helping itself to anything you enter on the screen.

The safest way to avoid this is to ensure that you have no "add-ins" running.
If you know how, you can try this by manually configuring your browser but there are tools available, often from the banks free of charge, to do this for you.

The 12th scam of Christmas is the nastiest of them all: the phone call

You're having trouble with that new laptop you bought as a present. You've just about got it running but you can't quite figure out how to finish it off.
All of a sudden the phone rings and a voice says: "This [is] Microsoft/Apple/Google/Dell/HP we see that you have managed to connect to the internet using one of our machines/software but look like you could do with some support. We're here to help you. All we need is your username and password…"

These scammers work on the principle that eventually they will find someone in exactly that position and upon receiving such a call the frustrated user is very likely not to question but rather welcome the caller.

All this caller is trying to do is help themselves to your login details and steal valuable data from your machine.

Sadly, there are more than 12 scams to watch out for, but be particularly aware of those scams that take advantage of the time of year.
Context is everything to the successful scam. If it appears relevant, useful or personal it is much more likely to succeed.

Makes you want to throw away all the electrickery and curl up with a good book instead! Happily I don't have a laptop or mobile phone, so I'm immune to some of those scams. And I wear tinfoil-lined underwear in case I go near any wifi hotspots... Wink
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 25-12-2013 08:11

More on Cryptolocker:

Cryptolocker ransomware has 'infected about 250,000 PCs'
By Leo Kelion, Technology reporter

A virulent form of ransomware has now infected about a quarter of a million Windows computers, according to a report by security researchers.
Cryptolocker scrambles users' data and then demands a fee to unencrypt it alongside a countdown clock.

Dell Secureworks said that the US and UK had been worst affected.
It added that the cyber-criminals responsible were now targeting home internet users after initially focusing on professionals.

The firm has provided a list of net domains that it suspects have been used to spread the code, but warned that more are being generated every day.

Ransomware has existed since at least 1989, but this latest example is particularly problematic because of the way it makes files inaccessible.
"Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses strong third-party certified cryptography offered by Microsoft's CryptoAPI," said the report.
"By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent."

The first versions of Cryptolocker appear to have been posted to the net on 5 September.
Early examples were spread via spam emails that asked the user to click on a Zip-archived extension identified as being a customer complaint about the recipient's organisation.

Later it was distributed via malware attached to emails claiming there had been a problem clearing a cheque. Clicking the associated link downloaded a Trojan horse called Gameover Zeus, which in turn installed Cryptolocker onto the victim's PC.

By mid-December, Dell Secureworks said between 200,000 and 250,000 computers had been infected.
It said of those affected, "a minimum of 0.4%, and very likely many times that" had agreed to the ransom demand, which can currently only be paid in the virtual currencies Bitcoin and MoneyPak.
"Anecdotal reports from victims who elected to pay the ransom indicate that the Cryptolocker threat actors honour payments by instructing infected computers to decrypt files and uninstall the malware," added the security firm.
"According to reports from victims, payments may be accepted within minutes or may take several weeks to process."

However, Trend Micro, another security firm, has warned that giving into the blackmail request only encouraged the further spread of Cryptolocker and other copycat schemes, and said that there was no guarantee of getting the data back.

Dell suggested PCs be blocked from communicating with the hundreds of domain names it had flagged as being linked to the spread of Cryptolocker, and it suggested five further steps the public and businesses could take to protect themselves:

Install software that blocks executable files and compressed archives before they reach email inboxes
Check permissions assigned to shared network drives to limit the number of people who can make modifications
Regularly back-up data to offline storage such as Blu-ray and DVD-Rom disks. Network-attached drives and cloud storage do not count as Cryptolocker can access and encrypt files stored there
Set each PC's software management tools to prevent Cryptolocker and other suspect programs from accessing certain critical directories
Set the computer's Group Policy Objects to restrict registry keys - databases containing settings - used by Cryptolocker so that the malware is unable to begin the encryption process.
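The first of the five steps listed above (blocking executable files and compressed archives before they reach email inboxes) can be sketched as a mail-gateway check. This is an added example, not part of the original post or of the Dell Secureworks report; the extension list, addresses and file names are constructed assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions treated as executable content (an assumed, non-exhaustive policy list).
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs"}
ARCHIVE_EXT = {".zip"}


def _ext(name):
    """Return the final extension in lower case, so 'Complaint.pdf.exe' -> '.exe'."""
    name = name.strip().lower()
    dot = name.rfind(".")
    return name[dot:] if dot != -1 else ""


def _zip_findings(data, label):
    """List reasons to block a zip attachment, judged by its member names."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.namelist()
    except zipfile.BadZipFile:
        # An archive the gateway cannot inspect is blocked rather than passed.
        return [f"{label}: unreadable archive"]
    return [f"{label}: contains executable {m}"
            for m in members if _ext(m) in BLOCKED_EXT]


def scan_message(raw_bytes):
    """Return a list of findings; an empty list means the message may be delivered."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if _ext(name) in BLOCKED_EXT:
            findings.append(f"{name}: executable attachment")
        elif _ext(name) in ARCHIVE_EXT or data[:4] == b"PK\x03\x04":
            # The magic-byte test catches zip archives that were simply renamed.
            findings.extend(_zip_findings(data, name))
    return findings


def make_zip(member_names):
    """Build an in-memory zip with constructed placeholder members."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member in member_names:
            zf.writestr(member, b"constructed placeholder bytes")
    return buf.getvalue()


def build_sample(filename, payload):
    """Build a constructed test e-mail carrying one attachment."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Customer complaint"
    msg.set_content("Please see the attached complaint.")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    lure = build_sample("Complaint_1234.zip", make_zip(["Complaint_1234.pdf.exe"]))
    harmless = build_sample("photos.zip", make_zip(["beach.jpg"]))
    for label, raw in (("lure", lure), ("harmless", harmless)):
        print(label, scan_message(raw) or "deliver")
```

The check looks only at file names and the zip directory, so it does not inspect nested archives or file contents.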
is still wondering
Joined: 01 Aug 2005
Total posts: 2920
Age: 46
Gender: Male
Posted: 28-12-2013 11:21

That looks particularly nasty. In the spirit of Xmas, it would be nice to hope that the perpetrators get murdered in their beds some time soon. It's an extremely nasty, cowardly crime these people are committing, causing potential misery (loss of un-backed-up photos, for example) to millions. Inevitably, it will be the less internet savvy who get caught out, making the elderly very much at risk.

What can I do to help my own parents, for example, avoid such a scenario? Are the usual pleas to never click on anything they're not sure of, and to keep copies of important files on a memory stick, enough, or can I do something more concrete?

This is a genuine plea, so any advice would be gratefully received. If it's pensioner-friendly, all the better!
Piffle Prospector
Joined: 02 Aug 2001
Total posts: 5752
Location: Manchester, UK
Gender: Male
Posted: 28-12-2013 13:01

Tell them how much you love their photographs and would relish copies, along with bank details, passwords and their memorable city etc etc.

Then send these details to me for a further level of certainty. It will not make things safer but it removes all the wondering and waiting.

Probably only the first part is pensioner-friendly . . . Confused
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 28-12-2013 13:35

Peripart wrote:
What can I do to help my own parents, for example, avoid such a scenario? Are the usual pleas to never click on anything they're not sure of, and to keep copies of important files on a memory stick, enough, or can I do something more concrete?

It's too late for Xmas, but give them memory sticks as presents. If you're not too far away, actually load the memory sticks for them, to show them how easy it is. After you've done the first few folders and/or files, make them do the rest so you know they've understood it. Simples!

And then, of course, an occasional few reminders to back up anything new. I back up my photos every month. I used to use CDs and DVDs, but a recent technical problem caused me to switch to a memory stick - and it's so much less hassle! As mentioned above, Simples!

Yours sincerely, a Pensioner. Cool
is still wondering
Joined: 01 Aug 2005
Total posts: 2920
Age: 46
Gender: Male
Posted: 28-12-2013 13:58

Thanks, Rynner. They do use memory sticks... when they think about it! As you say, so much easier than CD-ROMs. I just need to keep on at them to take regular backup copies of everything.

How best, though, to make sure one doesn't fall prey to this kind of thing in the first place?
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 28-12-2013 15:34

Peripart wrote:
How best, though, to make sure one doesn't fall prey to this kind of thing in the first place?

I've never been caught, but whether that's just luck or being careful, who knows? I know there's a lot of garbage out there on the web, so I try to avoid it as much as poss. I only follow links from websites I trust, and I don't search for info on sex or drugs, etc, except via well-known sites.

I don't do Twatter or Facehook, and even on FTMB I'm wary of 'bare naked URLs', especially if they are videolinks. Experience shows that if they're not actually dangerous, they're usually a complete waste of time!

The one big computer crash I had was caused by a prog on a cover CD from a magazine published by Dennis... But I think that was crap programming - it wouldn't have been any use to a virus as it trashed my machine entirely, and I was computerless for a year or more!
What a Cad!
Joined: 13 Dec 2008
Total posts: 26565
Location: Under the moon
Gender: Male
Posted: 03-06-2014 07:54

Russian Evgeniy Bogachev sought over cybercrime botnet
By Dave Lee, Technology reporter, BBC News

The US has charged a Russian man with being behind a major cybercrime operation that affected individuals and businesses worldwide.
Evgeniy Bogachev, said to be known as "lucky12345" and "slavik", is accused of being involved in attacks on more than a million computers.
The charges came as authorities seized control of a botnet used to steal personal and financial data.

Computer users were urged to run checks to protect themselves from the threat.
[See panel on page.]

In a press conference held on Monday, the US Department of Justice said it believed Mr Bogachev was last known to be residing in Anapa, Russia.
Cooperation with Russian authorities had been "productive", a spokesman added.
In an entry added to the FBI's Cyber Most Wanted list, it stated: "He is known to enjoy boating and may travel to locations along the Black Sea in his boat."
His charges, filed in a court in Pittsburgh, included conspiracy, wire, bank and computer fraud, and money laundering.

The UK's National Crime Agency (NCA) said people probably had "two weeks" before the criminals would get the botnet functioning again, and posted advice on how to best protect computers.
Internet service providers (ISPs) will be contacting customers known to have been affected by either letter or email. The first notices were sent out on Monday, the BBC understands.

The action related to a strain of malware - meaning malicious software - known as Gameover Zeus.
Malware is typically downloaded by unsuspecting users via what is known as a phishing attack, usually in the form of an email that looks like it comes from somewhere legitimate - such as a bank - when in fact it is designed to trick a person into downloading malicious software.

Once installed on a victim's machine, Gameover Zeus will search specifically for files containing financial information.
If it cannot find anything it deems of worth, some strains of Gameover Zeus will then install Cryptolocker - a ransomware program that locks a person's machine until a fee is paid.
The FBI said Gameover Zeus could be responsible for "financial losses in the hundreds of millions of dollars".

In what has been described as the biggest ever operation of its kind, servers all over the world were raided simultaneously by the authorities.
"The scale of this operation is unprecedented," said Steve Rawlinson from Tagadab, a web hosting company involved in the take-down effort.
"This is the first time we've seen a co-ordinated, international approach of this magnitude, demonstrating how seriously the FBI takes this current threat."

The action meant the authorities could direct what are known as Command and Control (C&C) servers - the machines that control the operation of the botnet.
With the C&C servers under police control, criminals should temporarily be unable to manage the computers they hijacked - but only until they are able to set up new C&C servers elsewhere.

All computer users are being urged to make sure that the malware has not infected their machines.
"This warning is not intended to cause you panic but we cannot over-stress the importance of taking these steps immediately," said UK-based Get Safe Online, a government-backed organisation that has published a list of software it recommends for the task.
"This is because the UK's NCA has taken temporary control of the communications used to connect with infected computers, but expects only a very limited window of opportunity to ensure you are protected."

Technical problems caused some users to become unable to access the Get Safe Online website on Monday afternoon.
A spokesman said: "We have been overwhelmed by the interest of those trying to take action to protect themselves by visiting our page.
"We are sorry about this and are working very hard to make the page available as quickly as possible. In the meantime, the advice can be accessed via our Facebook and Google+ pages."

More detailed information on the threat was published by the US Computer Emergency Readiness Team (Cert).

Following a slew of high-profile hack attacks in recent weeks - including eBay, Spotify and shoe retailer Office - security expert Rik Ferguson raised concerns that computer users might be suffering from "notification fatigue".
However, he stressed that this operation was more targeted, and should not be ignored.
"I think one of the things that is really critical with this operation is that if people are infected, it's going to be completely invisible to them," the Trend Micro security researcher said.

"One of the strengths of this operation is not only that it involved organisations around the world, but that it involved the ISPs as well.
"The ISPs will go out and proactively notify any of their customers who are infected."

He suggested that machines known to be infected by serious malware should be placed in a quarantined environment until the threat was removed.
"Making it uncomfortable, if not impossible, to use the internet is one of the most effective ways to do that," he said.
All times are GMT