My son called me the other night. I could tell by the tone in his voice something was up. His computer was infected, badly. He's a gamer and an artist, always looking for new pictures of mythical beasts, etc. to draw. I brought his computer home and took a look at it yesterday. What I found was disturbing. A couple years ago I posted my concerns about when the next generation of viruses/trojans were coming. Over the years I've watched the complexity and sophistication of these attacks grow. Well folks, they are here and they are every bit as serious as I feared.
The latest generation installs almost instantly as a rootkit. It makes itself an uber-administrator of the computer and takes over the Internet Browser without you knowing (though sometimes it will be slower). Behind the scenes it is redirecting every time you search using all the popular search engines and showing you a slightly different page. So when you go shopping or looking for stove pictures, or other items you are on a spoofed page usually with links that are copies of the original pages, but with infected files when you click on a picture or ad. All along it is setting itself up for a larger attack. When it happens you will get the infamous fake virus alert that is made to look like a Windows system dialog, with prompts to secure the computer. My son had seen these in the past and within a couple seconds he closed the dialog and pulled the ethernet cable. But it was too late. The program had already deeply embedded itself in the root of the drive and set up its own admin account. All shortcut links were gone, all desktop wiped, access to any files on any drive blocked. All virus and firewall programs shut down and blocked from opening. And even more sophisticated, it watched for everything every time the computer boots including from a linux disk and blocks all known virus checker, rootkit fixes, etc.. I suspect today I will be starting over with a low level formatting his drive.
I won't bore you all with the number of door and places I have found this program in on his hard drive. This is simply to alert Windows users that there is a new level of attack being mounted and the tools out there that should be protecting your systems are failing. There are some simple things that will help. A hardware firewall, a secure login (don't let the machine boot up without an alphanumeric + alt keys login), a good quality, always updated, malware program set to a high protection. And a very vigilant eye for the unusual. My Win7 system and wife's laptop remain secure, mostly because we don't go to the websites that young men go to and they are setup with current security measure. But I won't be surprised if they come knocking at our door.
Unfortunately, most Windows systems used in homes and a lot of businesses are not very secure or well protected. I fear that as this spreads we are going to see a major impact on our society. And the sophistication just keeps getting better. I am computer agnostic and have been on Windows, Amiga and Mac systems since 1986. This is not a sales pitch, but if you have been thinking about a new computer, this would be a good time to consider a Mac. So far they are off these demons' radar. Hard to say for how long though. This is cyber war folks, don't take it lightly.
The latest generation installs almost instantly as a rootkit. It makes itself an uber-administrator of the computer and takes over the Internet Browser without you knowing (though sometimes it will be slower). Behind the scenes it is redirecting every time you search using all the popular search engines and showing you a slightly different page. So when you go shopping or looking for stove pictures, or other items you are on a spoofed page usually with links that are copies of the original pages, but with infected files when you click on a picture or ad. All along it is setting itself up for a larger attack. When it happens you will get the infamous fake virus alert that is made to look like a Windows system dialog, with prompts to secure the computer. My son had seen these in the past and within a couple seconds he closed the dialog and pulled the ethernet cable. But it was too late. The program had already deeply embedded itself in the root of the drive and set up its own admin account. All shortcut links were gone, all desktop wiped, access to any files on any drive blocked. All virus and firewall programs shut down and blocked from opening. And even more sophisticated, it watched for everything every time the computer boots including from a linux disk and blocks all known virus checker, rootkit fixes, etc.. I suspect today I will be starting over with a low level formatting his drive.
I won't bore you all with the number of door and places I have found this program in on his hard drive. This is simply to alert Windows users that there is a new level of attack being mounted and the tools out there that should be protecting your systems are failing. There are some simple things that will help. A hardware firewall, a secure login (don't let the machine boot up without an alphanumeric + alt keys login), a good quality, always updated, malware program set to a high protection. And a very vigilant eye for the unusual. My Win7 system and wife's laptop remain secure, mostly because we don't go to the websites that young men go to and they are setup with current security measure. But I won't be surprised if they come knocking at our door.
Unfortunately, most Windows systems used in homes and a lot of businesses are not very secure or well protected. I fear that as this spreads we are going to see a major impact on our society. And the sophistication just keeps getting better. I am computer agnostic and have been on Windows, Amiga and Mac systems since 1986. This is not a sales pitch, but if you have been thinking about a new computer, this would be a good time to consider a Mac. So far they are off these demons' radar. Hard to say for how long though. This is cyber war folks, don't take it lightly.
