Tag Archive for spyware

Isn’t it Ironic? Mac OS X Virus arrives

A seismic shift in the PC world has just happened: A Mac OS X virus is here, coming in the form of a Java applet off of social media.

The irony? As I was removing a virus off a “real” PC this morning, my client indicated they might buy a Mac, so they wouldn’t get viruses. I began with a little business analogy: One day, it will happen. When? When the Macs in the market reach some magical %, the “bad guys” will then take the time to study the Mac OS in detail, to try and exploit it. I also went on to discuss how a business decision, when done right, always looks for the most impact for the least expenditure of resources. And, as of that moment, it must not have arrived (little did I know)…yet. I postulated that when it did, it would be like a very big tidal wave, particularly accentuated by the fact that it’s “well known” Macs are invulnerable to attack. Yeah, right.

So anyhow, for you MacoPhiles…gird your loins: the attainment of 20% of the PC market by Macs, announced by Steve Jobs a few days ago, has had an impact on your bulletproofness. Be on your toes, and hope the good guys have anti-virus software ready for you really, really soon.

Here’s the warning from the article at Ars Technica:

A new trojan horse has cropped up that affects Mac OS X (and Windows as well), primarily disguised as a video flitting around social networking sites. When users click an infected link, a Java applet is launched that downloads multiple files, including an installer that runs automatically without users’ knowledge.

While between other appointments this afternoon, I saw the article (linked above) and I knew the time had come.

Note, too, you Windows-based PC users: you’re a casualty of this new attack, too.

Be on the lookout for any video on the social media sites…all of you computer users.

I’ll bring up this history, too, because there have been Mac-based viruses before. In early 1988, I contracted the “Scores” virus on my Mac II from a download off of GEnie.

That was bad news. The good news is the PC market exploded on cheap Intel-based PCs and the bad guys went after them. That has left the Mac world as the untouchables for all these years…until now.

We Infect Our Computers Ourselves

Didn’t bookmark it, but a few weeks back, I saw an article that said greater than 50% of computer infections were now user-imposed.

What does that mean exactly? It means the people who write and manage software are doing a pretty good job of staying ahead of the hacker crowd, but we, the users, are becoming our own worst enemies. Not that we purposely let spyware, malware and viruses in, but we are more easily fooled into doing just that.

The “bad guys” are becoming very good at replicating things that are legitimate, both in look and in a social context, that make us want to click them.

Next thing you know, you’ve got a “ScareWare” problem which, if you don’t pay the ransom, begins to dig about your files and, over time, renders your PC useless.

What got me to post this? An article in a security news feed I track saying there is a crop of “Browser Updates” showing up on people’s screens, and we do what we are told: “KEEP YOUR COMPUTER UP TO DATE!”

That makes it increasingly difficult to sort the fake updates from the real ones.

Let’s be careful out there and, according to Symantec researcher Parveen Vashishtha, know this:

“Malware authors are employing innovative social engineering tricks to fool users — it’s as simple as that…”

Tuesday Tech Tips

It’s not a good idea to go out “unprotected computing” these days. Like just about everything else mankind has invented, there are good uses (nuclear power – Lighting up a city) and bad uses (nuclear power again – Blowing up a city). These days the bad uses don’t even come from the users behind the keyboards of the computers, but from those who infect your computer with bits of code that are there to make your system work for someone else (mentioned a few Tuesdays ago regarding slow computers) or to steal your info.

One type of software out there that sucks people in is what I have termed “ScareWare.” Bad stuff at several levels…

Here’s what it looks like to you: you’re minding your own business, or reading everyone else’s on Twitter, and all of a sudden, a window appears in the middle of the screen with some ominous warning like: “YOUR COMPUTER IS INFECTED WITH SPYWARE/MALWARE/VIRUSES! – Click here to scan your computer.” You, being the concerned user you are, do that. Next, there are the normal downloading and installing software indications. You keep clicking the “Next” buttons until the process is complete.

A system scan begins, the “progress bars” show, and the number of files checked and viruses (or whatever) found clicks up. Finally, the scan is done, and sure enough, there are things to be removed. You click to get rid of the problems and…yes, you get the dreaded “You must purchase this product to remove the _____________ click here to enter your credit card number.”

You’ve been had. At the top level, the software has most likely found some legitimate things on your system that do not need to be there, some of them rather benign, and you want them off. At another level, you now have a program that is installed and pretty much got into your system by false representations. Just about all of them I have run across do you no good.

In one case, the anti-virus software embedded itself and didn’t appear on the list of installed programs, so you couldn’t remove it the normal way, and…the bonus “gotcha!” was you couldn’t log onto any of the sites to get the free software, or even the big name legitimate software, to remove this alien being on your hard drive.

My advice: if you get the ScareWare installed and it begins to nag you very heavily, make sure you save any and all data off your computer you wish to keep for the future, because I saw a case where the machine would just reboot every 5 minutes and all I could do was completely reformat the hard drive and begin all over, installing Windows.

Note: you must save it to a CD/DVD/USB drive or a backup/external hard drive to make sure you have it. Family pictures, work documents, resumes, address lists…etc. Get them off, then try to root out the offending software.

Your first step: See if you can get on to www.symantec.com, www.mcafee.com or www.lavasoft.com. If you can’t get them to come up without errors, then you have it bad and you should mentally prepare yourself for completely restoring your hard drive.
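The post does not say how the ScareWare keeps these sites from loading. One common way is to add entries for the vendors' hostnames to the machine's hosts file, and that is the assumption behind this added example (not part of the original post), which scans hosts-file text for active entries that override the three sites named above; `SAMPLE_HOSTS` is constructed.

```python
import ipaddress

# Vendor domains named in the post above.
VENDOR_DOMAINS = ("symantec.com", "mcafee.com", "lavasoft.com")

# Constructed sample hosts file (not taken from a real infection).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.symantec.com symantec.com
0.0.0.0         www.lavasoft.com
203.0.113.7     www.mcafee.com
192.168.1.20    printer.home.lan
# 127.0.0.1     symantec.com   (commented out, so inactive)
"""


def is_vendor_host(name, domains=VENDOR_DOMAINS):
    """True if name is one of the vendor domains or a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in domains)


def suspicious_entries(hosts_text):
    """Return (line_no, address, hostname) for every active hosts entry
    that overrides DNS for one of the security vendors' sites."""
    findings = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comment, split fields
        if len(fields) < 2:
            continue                             # blank or comment-only line
        address, names = fields[0], fields[1:]
        try:
            ipaddress.ip_address(address)        # skip malformed lines
        except ValueError:
            continue
        findings += [(line_no, address, n) for n in names if is_vendor_host(n)]
    return findings


if __name__ == "__main__":
    for line_no, address, name in suspicious_entries(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} is pinned to {address}")
```

To check a real machine, pass in the text of `C:\Windows\System32\drivers\etc\hosts` on Windows or `/etc/hosts` on a Mac; a clean system normally has no entries for these vendors at all.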

Next week more on how to do the best you can coming back from a close encounter with “ScareWare.”

Tuesday Tech Tips

Topic for the day:  The bad guys and the battle for your processor time.

Slow computer? Not uncommon these days. There are many causes, some just because the software you are using is overcoming the capabilities of the computer you have, but more often than not, unless you just decided to become a big time video editing geek on your 10 year old ex-corporate office hand-me-down Pentium III Compaq computer running Windows 2000, it’s an issue of the things that creep onto your hard drive and load themselves each time you start/re-start your computer.

There are many names for these things, but the ones most responsible for significant slowing of your computer are most likely there because your system has become a “zombie” in a massive network of infected computers around the world, cranking out spam emails. There is big money in this, and there are people who have master control over the infected systems, and are paid well for using “cloud computing” before cloud computing was a viable term, to deliver those spam emails to your inboxes, based on what some marketer wants to get you to consider.

Recently I read that the good news is spam comprises only 97% of the email traffic volume on the Internet. Good news? Yes…because we’re down from 98% in 2008. So, if you know how many jokes and inspirational emails you forward without comment, how could it be possible that so much more traffic could be spam?

Infected computers. The best-known term for this might be “MalWare” (malicious software), but the software isn’t loaded to hurt your own system, it’s just there to use your processor to churn out emails on mortgages, debt reduction, free cruises, weight loss, etc, etc, etc. That’s the slowdown factor. It doesn’t care that you need to make a PowerPoint show up for this coming meeting, because you let it in, so it’s like uninvited guests that come and decide if they can find it in the refrigerator, or the pantry, it’s theirs. Don’t leave your car keys out, either.

The malware programs get in, scan your email contact list, randomly pick a contact’s email and go to work. This, as a side note, is also why sometimes you get an email from someone telling you, via the forwarded mail, that you were sending spam. You look at the text and have no clue why, or when, you would have done that. It wasn’t you, it was your email address from someone else’s address book on someone else’s infected computer.

If your system, after it’s booted up, is dragging when it wasn’t before, and you haven’t installed some new software to put yourself on the cutting edge of some capability, you just may have that uninvited guest using your processor. Time to complete a few simple steps to correct the problem.

First, run your anti-spyware software. Spyware? Yes, that’s how it’s found, along with software that may be sitting around, waiting for you to type your credit card number, but you’re still going after the malware zombie-making code.

Spybot is a free utility. AdAware is also free, but has paid-for versions to automate more of the scan process, if you choose. Install and run one of those if you have nothing. Make sure you allow the installer to get the latest updates, as it is a leapfrogging game of the bad guys writing new ways to do this, and the good guys blocking it and sending you the updates. You may have an old zombie/malware/spyware in your system, but you may have a brand new one, too.

After the scan is completed, ensure the spyware program deletes the identified problem code, and the next most important step is to re-start your computer. Why? The virus-like software is stored on your hard drive, and told to load at startup into memory, where it runs. The scanners check the hard drive for the program, but cannot look into the active memory of the computer to see if a program is running. So, what you “found” is the code on the hard drive, and even if you delete it, the program itself can still be in memory, cranking out debt relief emails. By shutting down/restarting, you clear all running programs out of the “RAM” (random access memory) and when the computer begins its next run, the bad code is off the hard drive and not loaded, so your “uninvited guest(s)” are no longer hanging around, driving your car, eating your food and using the washing machine in front of your own load of clothes.

There you have it.

Compute smarter, not harder!