Fake Anti-Virus

There are many fake anti-virus products out there. They try to convince you there’s something wrong with your PC or Mac, then either ask you for money to fix it or install real viruses.

This new one’s the kind that asks you for money. It’s called System Security. It begins when you download the program believing it’s a new anti-virus product. It’s designed for Windows PCs.

System Security

When you install it, it pretends to scan your PC, then informs you it found a whole lot of malware on your PC including viruses, adware and spyware. This part is meant to scare and shock you.

Then it does something truly evil: it stops you doing anything on your PC until you “activate” the anti-virus. And by activate they mean pay them money. So at this stage the only thing you can do with your PC is go to the scammer’s website (which looks nice and professional), hand over your credit card details, and they’ll supposedly make your PC work again.

If you happen to download and install this fake product and it blocks your PC from working, don’t give them your credit card details or otherwise pay for it to be unlocked. You will be able to boot your PC in Safe Mode – ask for a PC technician to help you with this if necessary. You’ll then be able to remove the fake anti-virus.

This highlights the importance of using a good anti-virus product, one that’s known and respected in the IT industry. I generally try not to recommend one product over another but below are some of the trusted anti-virus companies available today:

  • Trend Micro
  • Symantec / Norton
  • McAfee
  • F-Secure
  • AVG

There are many more and the market’s always changing. Feel free to write about your preferred products in the comments below. These days you can buy them online or walk into a computer store and buy one.

Western Union Uncollected Money

Another Western Union scam email is being sent to people. The email claims that you sent money with Western Union and that it has been returned to you (this is the incentive designed to catch your attention, free money).

The email has an attachment that is supposed to be an invoice. Instead the attachment infects your PC with a virus that waits for you to use internet banking then steals your password.

The email reads:

Dear client!

The money transfer you have sent on the 12th of April was not collected by the recipient. Due to the Western Union regulation the transfers which are not received in 15 days are to be returned to sender.

To collect money you need to print the invoice attached to this email and visit the nearest Western Union branch.

Thank you!

If you see this email, or one similar to it, delete it. Western Union didn’t really send it. And don’t open the attachment.

Tell-tale signs of a scam email:

  • There are a few grammatical errors in the email. It’s common for scammers to have poor English skills (though they’re getting better).
  • Did you send money with Western Union in the past 15 days? If not then it’s almost definitely a scam. Don’t be tempted.
  • If you’re unsure, copy & paste parts of the email into Google. Then read through the results looking for evidence of known scams.

You should also be scanning your email for spam and malware. This will filter out most of the scams before you have a chance to read them.

There was another Western Union scam that has been quite popular, read about it here.

Windows 7 RC on BitTorrent

Windows 7 Release Candidate (RC) was released recently by Microsoft. It’s free for anyone to download and test before the final version’s finished. A few days before the official release someone posted a copy on a BitTorrent network. Unfortunately this copy was infected with a trojan that downloads more malware. This is very bad. When you install an operating system such as Windows you have to trust the installation. If you can’t trust the operating system then you shouldn’t be using it.

What’s wrong with Torrents?

  • Don’t download Windows from file sharing systems such as BitTorrent. Get it from Microsoft or one of their vendors.
  • If you download free operating systems such as Linux from torrents, know how to do a checksum test.
  • Don’t use pirated software. Apart from being immoral and illegal, pirated software is often plagued with malware.

What if you already downloaded Windows 7 RC from BitTorrent? The safest thing to do is to download it again from Microsoft’s site, reformat your PC, and reinstall the official version. It can be safely downloaded from: http://www.microsoft.com/Windows/Windows-7/download.aspx

As a side note I’d like to point out that Windows 7 RC is a test version; it’s not the finished product. And while it’s free for now it has a couple of restrictions:

  • on 1 March 2010 it will start rebooting every 2 hours
  • on 1 June 2010 it will completely stop working.

Update: There are now 25,000 PCs infected with the malware as a result of downloading the wrong copy of Windows 7 RC. These 25,000 PCs are being controlled by hackers as part of a botnet.

M&A Companion Touch comes with malware

M&A makes a mini tablet PC (also called a netbook) called the Companion Touch. It’s been found to come with malware pre-installed. If you’ve bought this model after February 2009 you should scan it for viruses. You should also scan any devices you might have plugged into it, such as flash drives or other removable drives.

The malware found on this device is designed to steal passwords. More detailed info here.

It’s unfortunate that these days many devices have been shipped from the factory with viruses and other malware, such as digital photo frames and MP3 players.

Can Malware Damage Your PC?

We all know that malware can steal your passwords, cause you to lose money, and spread itself to other PCs. But can malware actually cause damage to your PC?

The short answer is yes.

A botnet is a collection of infected PCs under a hacker’s control. There are millions of PCs today forming these botnets (millions of infected home computers being controlled by hackers). Some new research on botnets shows that they sometimes include code to completely disable the PC.

In April 2009 a malicious hacker decided to “kill” the PCs he was controlling using a botnet. It disabled Windows on 100,000 computers, making all those PCs useless until a technician could repair them. (This is a slight simplification but for the general public it’s accurate enough). These 100,000 computers belonged to real people using their computers at home or at the office. One day their computers just stopped working because a malicious hacker thought it’d be fun. You can read more detailed information about this here.

And then there is other malware (viruses etc) that can damage the PC in more serious ways. In March 2009 researchers created a sample piece of malware that writes itself to the computer’s BIOS (the BIOS is inside a chip inside the PC). Reformatting the PC won’t remove it, buying a new hard drive won’t remove it either, and they claim that even a “BIOS flash” won’t remove it. You’d have to buy a new PC (or if you’re technical, a new motherboard) to fix it. More info here.

In the past there have been viruses that could damage drives and monitors but there’s been very little of this lately.

So overall malware can cause your PC to visit a repair shop for servicing, which is not only an inconvenience but also costly. It’s always better to prevent malware than to repair the damage (and often you may not know a PC is infected). And the usual tips apply here:

  • Use a good anti-virus package, the kind that updates itself several times a day and scans web pages as well as files. They’re not expensive.
  • Always patch and update your programs, including your operating system (Windows, Linux, Mac OS X).
  • Never assume it can’t happen to you or that your computer is somehow better than others.
  • Use one of the newer browsers such as FireFox, Chrome, or Opera. Read about browser hacking here.
  • Don’t download programs from hacker sites such as password generators (they’re usually infected with malware).
  • Don’t be tricked into installing something to watch a funny video. If your computer can’t play the video as it is then it’s probably not worth watching. Read more about it here.
  • Don’t be tricked by fake anti-virus programs. Examples here.
  • And backup your files. Do this often.

Fake virus alerts

Sometimes hackers find an innocent web site, hack it, and add malware. Below is an example. A (fake) message comes up telling you your PC is infected:

 

Warning!!! Your computer contains various signs of viruses and malware programs presence. Your system requires immediate anti viruses check! System Security will perform a quick and free scanning of your PC for viruses and malicious programs.

Notice that the message is full of grammatical mistakes; scammers generally aren’t very good at English.

If you see a message like this click Cancel and close the window.

Dangerous PDF file with information about Swine Flu

There’s been lots of talk lately about swine flu, and there have been lots of PDF files emailed back and forth with information about it.

One such PDF file was found to have a password stealing malware hidden in the code that installs itself using a vulnerability in Adobe Reader. After it installs the malware it then opens a legitimate document with information about swine flu.

The document is called The Association of Tibetan journalists Press Release.pdf

If you see this in an email delete it without opening it, and let the sender know that it contains a password stealer.

Malwarebytes Anti-Malware

Malwarebytes Anti-Malware is a Windows tool to remove malware. I’m always explaining how to prevent malware in the first place, but if it’s too late for you and your PC is infected, this tool is great at removing it.

There’s a free trial and a full (paid) version. The free trial is enough to help clean your PC. The paid version will help prevent future infections.

Today they announced that this product has cleaned 1 billion PCs over the past few years. That’s quite impressive. And it’s also scary to think that 1 billion people had their PCs infected with malware – if only they would read Fraudo and prevent the infections 🙂

You can download it here.

AVG LinkScanner

AVG has been making anti-virus products for years and they’re a trusted company. They’ve now made one of their products free, and it would be useful for many of you. It’s called AVG LinkScanner.

It’s a plugin for FireFox and Internet Explorer. It checks every web page you load, and if it’s a known dangerous site it stops it from loading, protecting you before any malware gets a chance to run.

This is very useful if:

  1. Your main web browser is FireFox or Internet Explorer, and
  2. You use Windows, and
  3. You haven’t invested in a good anti-virus package.

It’s a fact that a lot of malware (including viruses, spyware, adware, etc) installs itself when you visit a hacked page. Most of the time you won’t know it’s happening – it’s important to install something that helps protect you.

Download it for free from: http://linkscanner.avg.com/