Greywolf
Senior Member
Posts: 180
Joined: Sat Apr 03, 2010 12:30 am
Location: Western Tennessee

MALWARE/HACK Alert: DO NOT download "Security-Tool"

"Security-Tool" is a trojan program that may appear in a pop-up window on your desktop at affected sites. It will call itself a free security or anti-virus scan that can be downloaded for free.

DON'T DO IT!

The program is a virus-like hackerware. It will infest your registry, and when run it will do a pseudo-scan of your PC, calling out hundreds of false viruses, and preventing anything from running.

It is also capable of repairing itself if it is only partially removed, and the site that collects the payments saves your credit card information - numerous accounts of fraudulent credit card charges are also attributed to this malware.

I heard of it from some people I know who keep track of these things. It will tell you that the only way to restore your PC is to pay for and download the "FULL VERSION" - which does not resolve the issues.

Here is an article with more info from Wikipedia:
Security Tool - Wikipedia, the free encyclopedia (https://en.wikipedia.org/wiki/Security_Tool)

This is a malicious ware, that originated in 2009 under different names, and now masquerades under a likely sounding name that may easily be mistaken as a valid update on some systems.

DON'T buy into it, from what I was told: "It won't even allow SOLITAIRE to run..." That comment came from the voice of experience, and one I don't want to have!

*Now you know another reason I'm called "Greywolf". I look out for things that cause harm, so that me and mine can avoid them.

DoubleDogFarm
Super Green Thumb
Posts: 6113
Joined: Sun Mar 28, 2010 11:43 pm

Last night I downloaded Security Essentials from Microsoft. Ran the scan and it located some junk running on my computer.

This is their link https://www.microsoft.com/security_essentials/

My other programs didn't pick up these viruses.

tomf
Super Green Thumb
Posts: 3233
Joined: Mon May 18, 2009 8:15 am
Location: Oregon

It is sad people do this sort of thing, both for ID theft and for some kind of sick fun.

I have 2 PCs and 2 Macs. I have had problems with both PCs but never with the Macs. I do not have anything other than the operating system on my Macs, but the way the code is written they are pretty virus resistant.

webmaster
Site Admin
Posts: 9273
Joined: Sun Feb 08, 2004 12:59 pm
Location: Amherst, MA USDA Zone 5a

Hey tomf, do you have an antivirus and malware protection on your mac? If you don't then you may already be infected. Apple is constantly finding security holes (https://news.cnet.com/8301-27080_3-10438313-245.html) in their systems and patching them, same as Windows.

Apple computers have never been immune to malware attacks. Mac users' safety in the past had nothing to do with how secure the OS was written. Apple security was based on the fact that there were so few Mac computers out there that it wasn't worth the time to write malware to exploit them. That Apple computers were vulnerable to malware attacks is evidenced in the above link. If you want more links to news reports about how unsafe Apple computers are then ask and I will post more links to legitimate news sites that have reported on that issue for the past year or so. ;)

With Mac's growing popularity that situation has changed and Mac users are now increasingly under attack. If you do not have an anti-malware software installed on your Mac then you should install one as soon as possible. At a recent security conference in Vancouver it took a security researcher ten seconds to exploit a flaw in Apple's Safari browser to compromise a Macbook (https://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2010/05/03/urnidgns852573C400693880002577180062AA51.DTL).

Re the threat of this discussion, this is old news. It's been around for a while now. The most sensational attack was when they took over the adservers for the New York Times and served trojans via the ads being served. This happened last fall 2009. Malware writers are also targeting users of various CMS systems like Joomla and WordPress.

There are newer threats to be afraid of. Best to download a good malware protection like MalwareBytes and AVG Anti-Virus.

Good luck.

applestar
Mod
Posts: 28672
Joined: Thu May 01, 2008 7:21 pm
Location: Zone 6, NJ (3/M)4/E ~ 10/M

So, WM, do you have a recommendation for Mac users? 8)

tomf
Super Green Thumb
Posts: 3233
Joined: Mon May 18, 2009 8:15 am
Location: Oregon

I have asked on Mac forums if anyone has ever got a virus or had their computer attacked and no one ever has, but they have all read someplace that it can happen. As far as I know you have to let the virus in by accepting it into your computer, and the bums do everything to make their site look real. Most viruses are for Windows and it is much harder to attack a Mac. But you may be right; as the bums who figure out how to get at your computers get smarter they may do it to me some day. My main computer runs my studio and productions so I should take extra care.
A number of attacks are being done on the net, as someone takes over your email or an account such as Facebook and uses it to get at your friends.
What about the sites that give you a free credit report? I think most of them are set up to steal your ID.

EDIT: I went and found some and just downloaded it so I will give it a try.

DoubleDogFarm
Super Green Thumb
Posts: 6113
Joined: Sun Mar 28, 2010 11:43 pm

I heard last night on a talk tech radio that Mac still only has 10% of the market. This is probably some of the reason for low hacks and attacks.

tomf
Super Green Thumb
Posts: 3233
Joined: Mon May 18, 2009 8:15 am
Location: Oregon

The OS is different and harder to attack and this is the biggest difference. I have both systems and know first hand. What my biggest problem would be is passing a virus on by an email to a PC friend. I have heard rumor that some pirated software may come with a virus; to let anything other than cookies in you need to OK it and put in a password. So installing pirated software may let the crap in. I am careful of letting anything in, anything that wants me to give it a password.

cynthia_h
Super Green Thumb
Posts: 7500
Joined: Tue May 06, 2008 7:02 pm
Location: El Cerrito, CA

I have received phishing emails which looked *very authentic* and whose "Reply" addresses were also authentic-looking: reply to blah blah at ebay.com or wellsfargo.com, etc.

I *almost* responded to one! :shock: before I remembered "We will never ask for your information via email." So I copy-pasted the message and the reply email address into a new message and sent it to customer service at [whatever merchant it had purported to originate at].

Yeah, yeah, I know: no big deal, it happens all the time. Grow up, etc. :roll:

But I have a Mac, DH has only *ever* had Macs in the house (since the first one), and we have always had anti-virus software installed. Well, "always".... ever since it first became available for Macs.

We're using Norton anti-virus and Norton firewall (cable modem). During the most recent automatic upgrade, the new upgrade found a couple of bots that shouldn't have been here--on a Mac--and removed them.

So there are things getting through onto Macs.

Cynthia H.
Sunset Zone 17, USDA Zone 9

webmaster
Site Admin
Posts: 9273
Joined: Sun Feb 08, 2004 12:59 pm
Location: Amherst, MA USDA Zone 5a

The OS is different and harder to attack and this is the biggest difference...
That is actually a myth. It's not that the OS is harder to attack, it's because it is obscure. This phenomenon is called security through obscurity.

The problem with asking people if they've been attacked is they don't generally know if they are hosting malware, especially if the user is not using an anti-malware software. The Mac computers are used as zombies to carry out ddos attacks, used to send spam emails, etc.

As noted, pirated software was a mode of attacking a computer. But there are other ways to attack a Mac and while those security holes are patched/closed as soon as they are discovered, it's important to understand that as Macs become more popular that malware writers will begin to target them more.

When you visit a website your browser downloads files to the computer. Adobe Acrobat PDF files can open a backdoor to your Mac. The Safari browser is highly exploitable and poses a security risk. All your browser has to do, regardless of what browser you use, is to download an image file in the normal course of visiting a website and you may be infected if not properly protected. That is how the NYTimes adserver exploit functioned.

DoubleDogFarm
Super Green Thumb
Posts: 6113
Joined: Sun Mar 28, 2010 11:43 pm

I know very little about computers. I've been told by a few, not to use Norton, it slows things down.

Kisal
Mod Emeritus
Posts: 7646
Joined: Tue Jun 24, 2008 1:04 am
Location: Oregon

Some years ago (3 or 4, maybe 5), the iMac I had at the time got a Trojan Horse from a photo a friend sent me in an e-mail. It placed itself in the startup engine, and I had to have a friend, who is a professional Mac tech, remove it for me. He had never heard of the thing before, nor had any of his tech friends. So, the stuff is out there ... not nearly as much as for PCs certainly, but WM is right about the popularity thing. The more people who use Macs, the more of this kind of garbage there will be floating around.

My friend's anti-virus software didn't alert her to it, because she had a PC, and the Trojan was written specifically for Macs. I had Norton at the time, which alerted me to it.

I just recently got Norton again, a few weeks ago. I haven't noticed any loss of speed yet.

Dillbert
Greener Thumb
Posts: 955
Joined: Sun Apr 04, 2010 3:29 pm
Location: Central PA

there's a lot of apples and oranges flying around in this discussion.

phishing emails / sites / "social network" tricks / etc are aimed at getting the user to input "sensitive" information - typically by "for confirmation please enter your . . ." type stuff.

those kinds of "attacks" are completely independent of your OS. if a user is dumb enough to click on an email web link and voluntarily enter their bank account number and PIN - well, there's just no hope for that level of intelligence. as Forrest Gump said, "You can't fix stupid."

and the phishers are clever - www.[your bank].mytheftsite.com is not really something one should trust simply because your bank name appears in the link.

the other flavor of "attack" is getting the user to unknowingly install nasty software - malware, virus, trojan, root kit, there's a bunch of them.

same for "Click here for a free [fill-in-the-blank]" - that attack style depends on users clicking "YES" at some point in the 'infection' process. that "YES" click instructs the OS that the user knows what they are doing and to install the nastyware regardless - naive users will always have issues.

that was the entire rationale behind Microsoft "User Account Control" (UAC) introduced with Vista. nice idea, badly implemented, users got so fed up with having to click on "YES" for so many things UAC gets turned off and/or users just robotically click on "OK - Infect ME!" like every other time they want to save a document. Win7 "improved" that by allowing users to 'ignore' such "Do you really want to do this?" warnings from specific applications - care to guess how well that is working out?

the nasty software can be delivered - depending on the state of "protection" of the user's software - i.e. "is it all up to date?" - via .pdf, .jpg, .com, .exe, Flash (you've seen the recent Apple & Microsoft's blasts on Adobe Flash?) and a whole host of lesser "file types"

webmaster hit the nail square on the head. Apples are equally vulnerable to malware of every sort specially designed to attack that OS. if the .ru sites send out a million emails, they might find 2-3 vulnerable machines. malware written specifically to Apple OS reduces that to 0.2 or 0.3 users. just isn't worth the time or effort to address 10% of the market. same for (non-server) Unix machines.

any web site can capture the user's OS and IP (and a lot of other stuff) - so as soon as some clever fraudster "invents" an irresistible web site and starts selling "Here's the email & IP of Apple machines" the game for AppleHeads is over. they'll be targeted with Apple OS specific email / phishing attacks.

for windows types:

www.secunia.com
is a reputable site to check if all the "helper" applications are up-to-date.

when using a constantly connected broadband connection - one should be behind a router - it's a hardware "firewall" which is all but not possible to penetrate (the 'but' part is software/firmware failings of the router maker, typically corrected by updates)

the Microsoft free supplied out of the box firewall is quite adequate.

and a good anti virus program. I use www.free-av.com - since 1996. free, auto-updates daily, really does work - as opposed to the all-too-frequent screw-ups of commercial paid anti-virus software (Norton, et al.) those folks have gone so far into the 'bells and whistles' camp they've lost sight of the purpose of real anti-virus protection.

imho.
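
Added example (not part of Dillbert's post): a Python sketch of the link check described above, which decides trust from the host a link actually points to rather than from whether the bank's name appears somewhere in it. The domain mybank.example and the allowlist are constructed placeholders; mytheftsite.com is the post's own made-up name.

```python
from urllib.parse import urlsplit

# Constructed allowlist: domains the user really does business with.
TRUSTED_DOMAINS = {"mybank.example"}


def link_host(url):
    """Return the lowercase host a browser would actually connect to."""
    # Links pasted without a scheme would otherwise parse as a bare path.
    parts = urlsplit(url if "://" in url else "http://" + url)
    # .hostname drops any "user@" prefix and ":port" suffix.
    return (parts.hostname or "").rstrip(".").lower()


def classify_link(url, trusted=TRUSTED_DOMAINS):
    """Classify a link as 'trusted', 'lookalike' or 'unknown'."""
    host = link_host(url)
    for domain in trusted:
        # Exact match or a true subdomain. The leading dot matters:
        # "notmybank.example" must not match "mybank.example".
        if host == domain or host.endswith("." + domain):
            return "trusted"
    for domain in trusted:
        brand = domain.split(".")[0]
        # The brand appears in the link but the host is someone else's.
        if brand in url.lower():
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    samples = [  # constructed sample links
        "https://www.mybank.example/login",
        "http://www.mybank.mytheftsite.com/login",
        "http://mybank.example@mytheftsite.com/",
        "http://mytheftsite.com/mybank.example/login",
        "notmybank.example",
        "https://gardening.example.org/",
    ]
    for link in samples:
        print(f"{classify_link(link):9}  host={link_host(link):32}  {link}")
```

The check compares plain ASCII names only; lookalike characters in internationalized domain names need separate handling.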

cynthia_h
Super Green Thumb
Posts: 7500
Joined: Tue May 06, 2008 7:02 pm
Location: El Cerrito, CA

We have a two-computer LAN with router here at the house. Firewall. Plus Norton firewall. Plus Norton anti-virus. DH had multiple majors in college, and one of them was computer science....physics....mathematics.

With regard to Norton supposedly slowing things down, this afternoon and at other times when I'm working at home, I have Firefox open in two windows with my work email and personal email open (yes, I get work email on my personal account). I have Parallel open to handicap my Mac into working like a Windows machine, and I have Word open on it as well as Adobe Acrobat for Windows. I *also* usually have Mac Word and Excel open. We have broadband access.

I'm working on a 121-page document this afternoon; earlier there were three figures, 8.5" x 11" in color--intense base maps with additional glyphs on them--open at the same time as all the rest.

Everything is quite fast.

Cynthia

Greywolf
Senior Member
Posts: 180
Joined: Sat Apr 03, 2010 12:30 am
Location: Western Tennessee

Isn't technology wonderful?

The faster it goes, the deeper we get....

From where I'm sitting, it looks like "IF YOU DIDN'T ASK FOR IT, DON'T ACCEPT IT"

Double-check everything.

Dillbert
Greener Thumb
Posts: 955
Joined: Sun Apr 04, 2010 3:29 pm
Location: Central PA

"IF YOU DIDN'T ASK FOR IT, DON'T ACCEPT IT"

this is very excellent advice - regrets that some don't 'realize' it in time.

I would add however - some / many of the nastyware 'pop-ups' are designed to look _exactly_ like 'legitimate' notifications from helper apps that "auto-update"

a user is browsing around, a pop-up appears "Adobe / RealPlayer / QuickTime / Java / [whatever] is checking for updates Yes/No"

what appears on screen is an exact copy of 'the real thing' and many folks get fooled. the key of course is what the user clicked on to say YES is not the purpose the cretins use the "Yes" answer for - but the OS can't tell the difference, only that the user clicked YES.

in addition to your advice I would add:
"Never accept/allow an offer to auto-update anything.
Navigate directly to the software-in-question site and update from there."

I personally have all the auto-update functions turned off.

tomf
Super Green Thumb
Posts: 3233
Joined: Mon May 18, 2009 8:15 am
Location: Oregon

I took the advice and got mac antivirus and malware software and ran it, no bad stuff all good.


