Osama Hanged (virus)
October 2, 2008
*verified with snopes.com and about anti-virus*
Emails with pictures of Osama Bin-Laden hanged are being sent and the
moment that you open these emails your computer will crash and you
will not be able to fix it!
1.) If you get an e-mail along the lines of ‘Osama Bin Laden Captured’
or ‘Osama Hanged’ , don’t open the Attachment!!!!
This e-mail is being distributed through countries around the globe,
but mainly in the US and Israel.
Be considerate & send this warning to whomever you know..
PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS.
2.) You should be alert during the next few days:
Do not open any message with an attached file called ‘Invitation’
regardless of who sent it.
It is a virus that opens an Olympic Torch which ‘burns’ the whole hard
disc C of your computer!!!!
This virus will be received from someone who has your e-mail address
in his/her contact list, that is why you should send this E-Mail to all
your contacts.
It is better to receive this message 25 times than to receive the virus
and open it.
If you receive e-mail called ‘invitation’, though sent by a friend. Do
not open it!!! Shut down your computer immediately!!!!
This is the worst virus announced by CNN, it has been classified by
Microsoft as the most destructive virus ever.
This virus was discovered by McAfee yesterday, and there is no repair
yet for this kind of virus.
This virus simply destroys the Zero Sector of the Hard Disc, where the
vital information is kept.
Ed Skoudis lists the Top 5 Worst Attacks of 1998 - 2002
June 10, 2008
That which does not kill us makes us stronger.
-Friedrich Nietzsche
In the November 2002 Information Security Magazine article, Infosec’s Worst Nightmares, Ed Skoudis lists the Top 5 Worst Attacks of 1998 – 2002. Mr. Skoudis is one of the founders of Intelguardians Network Intelligence, LLC and is a handler at the very popular Internet Storm Center.
Mr. Skoudis mentions that the top five major destructive attacks of 1998 – 2002 made many industries “battle-tested” and more likely to be proactive rather than reactive. The five-year Skoudis worst list is based on exploits that shook our very faith in the Internet and the security of e-commerce.
1. Code Red (2001). On July 13, 2001, the worm attacked Microsoft IIS systems. By July 19, 2001, the worm had affected over 350,000 systems. SANS and the Honeynet Project set up honeypots to capture the worm, but eEye Digital Security programmers did the most intense research on the worm and also named it. The worm exploited a vulnerability in the indexing software distributed with IIS, described in Microsoft’s MS01-033 patch. It was a buffer overflow attack. Some of the lessons learned: keep systems patched, use honeypots to capture malware, and coordinate response to help contain worms.
2. Nimda (2001). Shortly after 9/11, the Nimda worm was unleashed. It caused more damage financially than Code Red. There were rumors that it was China that released it to hurt the US further, but this is unlikely due to the nature of Nimda.
While it was bad, it had the appearance of being written by a determined amateur, not a nation-state that spends $1 Billion annually on cyberwarfare capabilities. – Skoudis.
Nimda affected Windows 95, 98, Me, NT, or 2000 and servers running Windows NT and 2000. It was so effective because it attacked IIS, e-mail, browsers and network shares. This multidimensional attack method could mark a trend in future cyberwarfare.
Lessons Learned: The importance of an incident response capability, disabling arbitrary scripts in e-mail and browsers.
3. Melissa (1999) & LoveLetter (2000). Both of these were malware that propagated through e-mail. Melissa was a Microsoft Word macro virus, and LoveLetter is also known as the I Love You virus. The worm harvested the victim's address book to forward itself to more victims, which killed a lot of e-mail servers. Lessons Learned: Many companies got serious about implementing anti-virus applications throughout the network.
4. Distributed Denial-of-Service (DDoS) attacks (2000). After all the panic of pre-Y2K, a completely new and unexpected storm hit major sites: Yahoo!, Amazon, CNN, E*Trade, ZDNet and eBay, all by a single child hacker nicknamed Mafiaboy. He had spread zombie flooding agents to hundreds of machines around the world and used them to attack sites with billions of useless packets. Lessons Learned: employ anti-spoofing filters.
5. Remote Control Trojan Horse Backdoors (1998 – 2000). In 1998, the Cult of the Dead Cow hacker group created the Trojan Back Orifice, which initially targeted Windows NT/9x. The tool allowed unskilled attackers to attack any vulnerable system. It also marked the rise of the “script kiddies” and produced a bunch of spin-offs such as Subseven, Netbus and Hack-a-Tack.
Malware Alarm
February 22, 2008
A friend of mine wanted me to do some work on her computer, but when I fired up the computer all I saw was Malware Alarm.
The computer was really slow and essentially unusable. Malware Alarm, I noticed, looks a lot like the scamware PS Guard and SpySheriff. These are applications that pretend to be anti-virus or anti-spam software but actually infect your system with spyware, mass-mailers, and backdoors into your system. This type of malware is known as a trojan. As usual, any attempts to shut this application down or minimize it are useless because even if you do manage to get anything else up, it will eat up so much of the system's resources (CPU, memory, bandwidth) that the computer itself is close to useless. If you delete it in normal mode and miss a part of it, it will regenerate itself like a hydra.
After looking at the Task Manager (which took 20 minutes or so), I decided to reboot in “safe mode”. Unless your system has something like a rootkit (malware that replaces the main component of your operating system), Safe Mode only turns on what is needed and nothing else. I used System Restore to remove Malware Alarm, and Spybot Search & Destroy/Ad-Aware to remove everything else.
System Restore should be used first because it is easiest and does not require any additional software.
1) Reboot in Safe mode: Restart system, hit F8, select “Safe Mode”
2) Proceed in Safe Mode: When prompted (as in the picture above), select “NO”
3) Restore Wizard: Select a date prior to when you received the malware (System Restore does not delete newly downloaded files, only new changes in the registry)
W32 Vb Fp and Externalvxd
December 1, 2007
w32.vb.fp is a trojan and externalvxd.exe is a virus.
W32.vb.fp is a virus affecting Windows 32 systems (Windows 2000/XP/Vista) written in Visual Basic.
Remove W32/vb.fp and externalvxd.exe
Monster.com Hacked?
August 22, 2007
Yesterday, we analyzed a sample of a new Trojan, called Infostealer.Monstres, which was attempting to access the online recruitment Web site, Monster.com. It was also uploading data to a remote server. When we accessed this remote server, we found over 1.6 million entries with personal information belonging to several hundred thousand people. We were very surprised that this low profile Trojan could have attacked so many people, so we decided to investigate how the data could have been obtained.
– More at Symantec
Prevent Computer Viruses
December 26, 2006
In the last three years or so I haven’t had a single computer virus on my main system unless I put it there on purpose. I use a very simple method to prevent computer viruses and malware from ever getting on my system.
Check it out here: http://elamb.org/hacked/how-to-prevent-computer-virus.htm
Bad Web Sites
May 12, 2006
The Internet is a remarkable reflection of human nature. It's a gauge of what is going on inside our heads. I find this both fascinating and disturbing. For every moving, revolutionary, truthful site I have read there are ten that are evil, twisted and greedy.
Here is an example of the types of bad web sites I'm talking about.
Among the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites. They bait you with porn, or free software, or software codes. If your guard is down, they sneak some malware onto your system.
Realistically no one should be at these sites. The whole premise behind these websites is bad. It is the equivalent of going to a back alley and buying a “hot” camcorder. The camcorder is definitely stolen, but we conveniently exclude the source of the camcorder from our minds. Serial/crack, warez sites are bad sites featuring stolen goods.
READ MORE about Bad Sites Here.
How to get Malware/Virus/Trojans on your Home Windows computer:
March 16, 2006
1) Use Windows 9x/2000/XP out of the box; DO NOT bother to reconfigure it
Don't create any login accounts with strong passwords
Do all work from the administrator account (Windows does this automatically so don't do anything)
Do not bother with patches, no matter how critical (Windows will prompt you to update, just ignore it)
Don't disable the guest account
Don't change the name of default administrator account
Enable as many network protocols as you can
2) Use Internet Explorer
If you want your system to get infected with all kinds of malware DO NOT use Firefox or any type of pop-up blocker
When you use IE, don't increase the security under: Tools | Internet Options | Security tab, just leave it as is
Ensure all Java and ASP scripting languages are enabled, allowing other computers to load software on your computer remotely
Never patch Internet Explorer
3) Connect directly to the Internet
Do not use any kind of firewall
Do not use Network Address Translation (which will hide your IP address)
Do not load SP2 for Windows XP
4) Surf the deadliest sites with no protection
Surf Serial/Crack/Warez sites and always completely trust their sites
Porn sites with no protection
Screen Saver sites
“Hacker sites”: not all hacker sites, just “black hat” and script kiddie type sites
Find dark IRCs
5) Behavior that will help you get your system infected.
Download Screen Savers from sites you are not sure about
Open emails from people you don't know
If you get a Security Warning that says “Do you want to download XXXXPRODUCT NAMEXXX..” Don't even bother reading the rest, just click yes.
6) Software that is more than likely infected
Toolbars that automatically download without your permission
Kazaa and some other free P2P tools
List of Tools for faster Infection:
Internet Explorer (Firefox can effectively block malware)
Broadband/DSL (use of a firewall using Network Address Translation will hide your system)
Windows 9.x/2k/XP (open source OSes such as Linux are less likely to be hacked)
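The list above turned around into a read-only check, as an added example that is not part of the original post. It assumes a current Windows release (Windows 10/11 or Server 2016 and later) with Windows PowerShell 5.1 or newer, not the Windows 9x/2000/XP systems the post names; the function name `Test-HomeHardening` and the 45-day patch threshold are assumptions made for illustration.

```powershell
# Added example: read-only audit of the settings the list above tells you to neglect.
# Assumes Windows 10/11 or Server 2016+ with Windows PowerShell 5.1 or later.
$MaxPatchAgeDays = 45   # assumed threshold, adjust to your own patch cycle

function Test-HomeHardening {
    $findings = @()
    $users = Get-LocalUser

    # Guest is the well-known RID 501; it should be disabled.
    $guest = $users | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' }
    if ($guest -and $guest.Enabled) { $findings += 'Guest account is enabled' }

    # The built-in administrator is RID 500, whatever it has been renamed to.
    $admin = $users | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
    if ($admin -and $admin.Enabled -and $admin.Name -eq 'Administrator') {
        $findings += 'Built-in administrator is enabled under its default name'
    }

    # Enabled accounts that are allowed to have a blank password.
    $users | Where-Object { $_.Enabled -and -not $_.PasswordRequired } |
        ForEach-Object { $findings += "Account '$($_.Name)' does not require a password" }

    # Day-to-day work in an elevated session (false for a non-elevated UAC token).
    $me = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($me)
    if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        $findings += "Current session for $($me.Name) runs with administrator rights"
    }

    # Every firewall profile (Domain, Private, Public) should be enabled.
    Get-NetFirewallProfile | Where-Object { "$($_.Enabled)" -ne 'True' } |
        ForEach-Object { $findings += "Firewall profile '$($_.Name)' is not enabled" }

    # Date of the newest installed update as a rough patch-currency signal.
    $latest = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $latest -or $latest.InstalledOn -lt (Get-Date).AddDays(-$MaxPatchAgeDays)) {
        $findings += "No update installed in the last $MaxPatchAgeDays days"
    }
    return $findings
}

$result = Test-HomeHardening
if ($result) { $result | ForEach-Object { Write-Output "[!] $_" } }
else { Write-Output 'No findings for the checked settings.' }
```

The script only reads local account, firewall and update state and changes nothing; it does not cover the browser and download-behaviour items in the list.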
Trojan Virus Encrypts your files, holds password ransom for $300
March 14, 2006
A new Trojan identified as CryZip infects files on a computer by encrypting them, then demands a $300 ransom for the password to unlock the files.
More and more reasons to have redundant back-ups of all important data. I currently have my data on two different computers and a separate server. But what I'd like to do is get a good external storage device or (even better IMO) a DVD burner. NO, I don't have one yet.
Even though it seems like it would be more time-consuming to use DVDs to burn all my important files every month or so, it would be better than the alternative (external storage) since I keep hearing horror stories about them breaking down.
How to get rid of SpySheriff:
February 10, 2006
“I have a malware infection on my laptop. I go into safe mode and look into
the files and the virus file comes up as spysheriff with an icon.”
Is it easy to get rid of?
How did I come across it?
*******************************************************
How to get rid of it?
Check out my site:
http://elamb.blogharbor.com/hacked/removespysheriff.htm
If you have already, try this:
http://www.bleepingcomputer.com/forums/How_to_remove_SpySheriff_Winstallexe_Spysheriffexe-t22402.html
The Easiest Way to get rid of it:
Another way you may be able to remove it is to do a system restore:
http://www.elamb.org/hacked/systemerror384.htm
This is what I had to do because I had stuff going on even in Safe Mode.
How did I get it?
I was surfing some serial/crack/warez sites. They are absolutely
INFESTED with malware. Some porn sites are bad, but warez sites seem to
be the worst.
One way to prevent it is to use Firefox:
See top of this blog.