Computerworld warns of serious, ongoing malware attack on PCs

From an article headlined...



...in yesterday's PCWorld online, via Computerworld. According to the piece, written by Computerworld reporter Gregg Keizer:





Sorry if this is old news. I just logged in to DU and didn't see it posted elsewhere.

Mods, please delete if this has already been covered.


wp

Better yet, run BeOS!
</sarcasm>

Ubuntu isn't immune from exploits, and a browser under Ubuntu will be directed the exploit sites the same as XP.

Most exploits are targeted at Windows because it's the dominant OS.
As soon as it's not the dominant OS the main focus of exploits will be something else.

I'm not knocking Linux, I use it on a number of boxes... I just don't want you to think it's "immune"... 'cause it's not.

And to be equally fair, Firefox has as many exploit-killing safety plugins for Windows as it does for Leopard or any Linux distro.

Not enough people use Linux derivatives to make a big enough difference.

Nothing is immune. That's reality.

Though it's somewhat true Microsoft does seem to like to help the hackers a little more willingly.

Firefox has tools for everyone -- most specifically NoScript:

https://addons.mozilla.org/en-US/firefox/addon/722

If you don't have NoScript, you're rolling the dice.

And it was in there. Our home page Google was replaced by some junk search engine. I have updated spyware and fire wall so this stuff is current. I removed it after a few minutes. Beware.

I get a ton of that stuff in my inbox. NEVER NEVER NEVER open this stuff! Only download from trusted sites (like CNET, Sourceforge, Major Geeks, etc.) or other reputable companies.

And Firefox just released an update the other day. I assume it's because of this. Leo Laporte was talking about this latest wave of malware attacks recently on his radio show. Also said there's a Trojan attacking Mac users.

...of Firefox a few minutes after she got infected.

you can do.
I've been telling my family this for *years.

Even if the "From" field is somebody you know, DO NOT open attachments unless
a) you expected the attachment... AND
b) the file is the one that's expected... AND
c) NEVER accept .exe .com .pif .scr .bat .cmd files from ANYBODY, regardless of if you expect them.
(unless, of course, the family IT guy says he just sent you an executable file named xxxxxx.xxx )
Cutesy animations and screensavers are a major vector of infection.

Following links in unexpected emails is just as bad.


I sometimes feel bad because I know they miss out on some of the crap that their friends are sending around that's *not malware... but they also miss out on a lot of the infection problems that their friends have as well.

I heard this years ago but I've opened a couple recently from friends and was lucky because everything is okay so far.

I use a MacBook running OS X 10.4.10. I hadn't heard about anything attacking Macs at the moment. I had always assumed that they were relatively immune because the OS is much less vulnerable than is any version of Windows, and because their market share is too low to justify the work involved.

Should I be concerned anyway and, if so, what should I be doing beyond the usual malware scans and not opening attachments from unknown sources?

Thanks,

wp

As I said, I heard it mentioned on Leo Laporte's radio show a few weeks ago. Good thing he keeps detailed show notes:

http://techguylabs.com/radio/ShowNotes/Show401#toc3

Here's more info on the Mac Trojan:

http://www.tuaw.com/2007/10/31/intego-reporting-new-os-...

had been pretty effectively nerfed.

It is a browser addon that checks links provided by Google and compares them to a list of sites scanned. Any that have adware of malware on their sites are flagged as red. Good sites are flagged as green. Its quite handy.

A scammer can set up a bot to do just about anything. The massage board I moderate is under attack by these bot bastids. The bot can sign up for a new account, affirm the approval email and throw up a good 10-20 bogus links in less than a minute. Banning IPs does no good because the bot is spoofing IPs. We had to finally resort to hand-approving every new member. I hate bots.

Usually, there's a random assortment of letters or numbers you see in the box that you input as part of the registration process. Bot scripts can't do it, at least most of them can't. As a result, they're screened out.

But I'm the mod, not the administrator. My boss handles that stuff and he's got a lot on his plate already. Eventually, he'll fix the problem and since he's the one doing the hand-approving, no skin off my nose.

There are a few ways to break some of those...but they help witht he casual jackass.

It the phony Your Computer is infected with {whatever} warning message; click here to download the removal tool.

I equate that to breaking into someone's house to sell them an alarm.