Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Computerworld warns of serious, ongoing malware attack on PCs

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
warren pease Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:27 AM
Original message
Computerworld warns of serious, ongoing malware attack on PCs
From an article headlined...

Search Google, Click to Massive Malware Attacks?


...in yesterday's PCWorld online, via Computerworld. According to the piece, written by Computerworld reporter Gregg Keizer:


A large-scale, coordinated campaign to steer users toward malware-spewing Web sites from Google search results is under way, security researchers said Tuesday.

Users searching Google with any of hundreds of legitimate phrases -- from the technical "how to cisco router vpn dial in" to the heart-tugging "how to teach a dog to play fetch" -- will see links near the top of the results listings that lead directly to malicious sites hosting a mountain of malware. "This is huge," said Alex Eckelberry, Sunbelt Software's CEO. "So far we've found 27 different domains, each with up to 1,499 pages. That's 40,000 possible pages."



Sorry if this is old news. I just logged in to DU and didn't see it posted elsewhere.

Mods, please delete if this has already been covered.


wp
Printer Friendly | Permalink |  | Top
iconoclastic cat Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:31 AM
Response to Original message
1. Use Ubuntu as your OS. Never worry about this crap again. nt
Printer Friendly | Permalink |  | Top
 
Clovis Sangrail Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:47 AM
Response to Reply #1
5. o.0
Better yet, run BeOS!
</sarcasm>

Ubuntu isn't immune from exploits, and a browser under Ubuntu will be directed the exploit sites the same as XP.

Most exploits are targeted at Windows because it's the dominant OS.
As soon as it's not the dominant OS the main focus of exploits will be something else.

I'm not knocking Linux, I use it on a number of boxes... I just don't want you to think it's "immune"... 'cause it's not.
Printer Friendly | Permalink |  | Top
 
iconoclastic cat Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:52 AM
Response to Reply #5
10. That's true. I was oversimplifying.
And to be equally fair, Firefox has as many exploit-killing safety plugins for Windows as it does for Leopard or any Linux distro.
Printer Friendly | Permalink |  | Top
 
Deja Q Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:56 AM
Response to Reply #1
11. Naivety will not help.
Not enough people use Linux derivatives to make a big enough difference.

Nothing is immune. That's reality.

Though it's somewhat true Microsoft does seem to like to help the hackers a little more willingly.

Printer Friendly | Permalink |  | Top
 
iconoclastic cat Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:59 AM
Response to Reply #11
13. And as I replied above,
Firefox has tools for everyone -- most specifically NoScript:

https://addons.mozilla.org/en-US/firefox/addon/722

If you don't have NoScript, you're rolling the dice.
Printer Friendly | Permalink |  | Top
 
SyntaxError Donating Member (378 posts) Send PM | Profile | Ignore Wed Nov-28-07 02:15 PM
Response to Reply #1
19. hmmmmm, you sure about that?
Printer Friendly | Permalink |  | Top
 
iconoclastic cat Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 04:09 PM
Response to Reply #19
22. As I replied above, it was an oversimplification. nt
Printer Friendly | Permalink |  | Top
 
StClone Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:32 AM
Response to Original message
2. My wife downloaded a greeting card maker
And it was in there. Our home page Google was replaced by some junk search engine. I have updated spyware and fire wall so this stuff is current. I removed it after a few minutes. Beware.
Printer Friendly | Permalink |  | Top
 
LTR Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:37 AM
Response to Reply #2
3. Greeting card malware/spam is big now
I get a ton of that stuff in my inbox. NEVER NEVER NEVER open this stuff! Only download from trusted sites (like CNET, Sourceforge, Major Geeks, etc.) or other reputable companies.

And Firefox just released an update the other day. I assume it's because of this. Leo Laporte was talking about this latest wave of malware attacks recently on his radio show. Also said there's a Trojan attacking Mac users.
Printer Friendly | Permalink |  | Top
 
StClone Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:55 AM
Response to Reply #3
6. I just got the update.
...of Firefox a few minutes after she got infected.
Printer Friendly | Permalink |  | Top
 
Clovis Sangrail Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:05 AM
Response to Reply #3
7. not opening email attachments is probably the singe best thing
you can do.
I've been telling my family this for *years.

Even if the "From" field is somebody you know, DO NOT open attachments unless
a) you expected the attachment... AND
b) the file is the one that's expected... AND
c) NEVER accept .exe .com .pif .scr .bat .cmd files from ANYBODY, regardless of if you expect them.
(unless, of course, the family IT guy says he just sent you an executable file named xxxxxx.xxx )
Cutesy animations and screensavers are a major vector of infection.

Following links in unexpected emails is just as bad.


I sometimes feel bad because I know they miss out on some of the crap that their friends are sending around that's *not malware... but they also miss out on a lot of the infection problems that their friends have as well.



Printer Friendly | Permalink |  | Top
 
Cha Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 12:00 PM
Response to Reply #7
14. Good reminder and
I heard this years ago but I've opened a couple recently from friends and was lucky because everything is okay so far.
Printer Friendly | Permalink |  | Top
 
warren pease Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 12:03 PM
Response to Reply #3
16. Trojan attacking Macs?
I use a MacBook running OS X 10.4.10. I hadn't heard about anything attacking Macs at the moment. I had always assumed that they were relatively immune because the OS is much less vulnerable than is any version of Windows, and because their market share is too low to justify the work involved.

Should I be concerned anyway and, if so, what should I be doing beyond the usual malware scans and not opening attachments from unknown sources?

Thanks,

wp
Printer Friendly | Permalink |  | Top
 
LTR Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 02:10 PM
Response to Reply #16
17. Here ya go
As I said, I heard it mentioned on Leo Laporte's radio show a few weeks ago. Good thing he keeps detailed show notes:

http://techguylabs.com/radio/ShowNotes/Show401#toc3

Here's more info on the Mac Trojan:

http://www.tuaw.com/2007/10/31/intego-reporting-new-os-...
Printer Friendly | Permalink |  | Top
 
warren pease Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 02:12 PM
Response to Reply #17
18. Thank you. And I thought I was immune to this crap. n/t
Printer Friendly | Permalink |  | Top
 
Clovis Sangrail Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 10:37 AM
Response to Original message
4. I thought that type of google bomb
had been pretty effectively nerfed. :shrug:
Printer Friendly | Permalink |  | Top
 
Az Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:09 AM
Response to Original message
8. I am using McAfee Site Advisor
It is a browser addon that checks links provided by Google and compares them to a list of sites scanned. Any that have adware of malware on their sites are flagged as red. Good sites are flagged as green. Its quite handy.
Printer Friendly | Permalink |  | Top
 
blogslut Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:19 AM
Response to Original message
9. Bots
A scammer can set up a bot to do just about anything. The massage board I moderate is under attack by these bot bastids. The bot can sign up for a new account, affirm the approval email and throw up a good 10-20 bogus links in less than a minute. Banning IPs does no good because the bot is spoofing IPs. We had to finally resort to hand-approving every new member. I hate bots.
Printer Friendly | Permalink |  | Top
 
Selatius Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 11:56 AM
Response to Reply #9
12. Some messageboards require you to type in what you see in an image box to register.
Usually, there's a random assortment of letters or numbers you see in the box that you input as part of the registration process. Bot scripts can't do it, at least most of them can't. As a result, they're screened out.
Printer Friendly | Permalink |  | Top
 
blogslut Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 12:03 PM
Response to Reply #12
15. I know
But I'm the mod, not the administrator. My boss handles that stuff and he's got a lot on his plate already. Eventually, he'll fix the problem and since he's the one doing the hand-approving, no skin off my nose. :hi:
Printer Friendly | Permalink |  | Top
 
SyntaxError Donating Member (378 posts) Send PM | Profile | Ignore Wed Nov-28-07 02:23 PM
Response to Reply #12
20. CAPTCHA...
There are a few ways to break some of those...but they help witht he casual jackass.
Printer Friendly | Permalink |  | Top
 
MindPilot Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Nov-28-07 02:25 PM
Response to Original message
21. I'm trying to get adware/malware off a client's machine right now
It the phony Your Computer is infected with {whatever} warning message; click here to download the removal tool.

I equate that to breaking into someone's house to sell them an alarm.

Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sat Sep 20th 2014, 11:11 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC