Do you have the Obama Worm?

So I sit here reading about the Obama Worm on PCWorld, asking myself what type of worm this is. Here’s what I do know: it doesn’t have malicious intent, but it does look like something someone thought up to test out their skills and to make people laugh. This, however, isn’t a well-made worm; it seems to slow down systems after a while and prevents programs from loading. The odds of you getting this worm are like those of dying in an airplane, or very slim, according to some researchers.

It seems to be spreading through USB, so you should help prevent this by disabling the Autorun features on your machine; you should also limit the use of external storage devices whenever possible to help prevent infection. Right now, though, it seems that the worm isn’t detected by any anti-virus software. There is a screen capture of the Obama Worm in case anyone wants to see what it looks like.

The back story is that this started at school, and it looks to be visible only on Mondays. Seeing the face of Obama in the right-hand corner of your screen is the only way to find out if you have the Obama Worm. If you want to find out whether you have the worm, the easiest and quickest way is to change the time on your Windows system to the following Monday and reboot. If, after you reboot, you see the head, then you will know you are infected, or at least that is my theory on discovering it; I haven’t had a system with the Obama Worm yet but expect it to be really simple to find out.

Right now, most of the anti-virus companies are trying to figure out how to detect and remove it, so it will of course be a little while. The best advice I can give you is to make sure your systems are fully patched to help protect them from malware infestations.

Phishing sites pop up for IRS!

Well, this just came to light on the Spywareguide blog. I’ve seen some activity about “Where’s My Refund” lately, and I thought I’d tell you how to make sure you’re on the right site. If you’re expecting a refund, check the OFFICIAL SITE. The official site is http://www.irs.gov and nothing else. If you want to find out about some of the most common phishing attempts, check out the phishing advice from the IRS.

The Spyware Guide blog talks about sites that look like the IRS but are actually just phishing for information. Some of the ones they talk about are:

gicrisis.org/data/refundtax/SearchTAXERR.php

irs-2009.com/refund/refunds.html

collectrefund-irs.com/refund/refunds.html

cimaonline.ca/application/Internal/Revenue/Service/pas.php?certegy_vm=trueportlet_change_1_actionOverrideFchaseonlineFchangeFprocessDetails_windowLabel_portlet_process_pageLabel_page_process

jklabs.cz/phpayv2/admin/import/.secure/www.irs.gov/get-refund/refunds.php?Where_is_my_refund&Get_Refund
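The rule "http://www.irs.gov and nothing else" can be checked mechanically by looking only at the hostname, never at the rest of the address. The following is an added example, not code from the Spyware Guide blog or the IRS; the function names are made up for illustration and the `.example` URL is constructed, while the other samples are the addresses listed above.

```python
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "irs.gov"  # the only official site named in the post

SAMPLES = [
    "http://www.irs.gov",                              # official site
    "irs-2009.com/refund/refunds.html",                # listed above
    "collectrefund-irs.com/refund/refunds.html",       # listed above
    "jklabs.cz/phpayv2/admin/import/.secure/www.irs.gov/get-refund/"
    "refunds.php?Where_is_my_refund&Get_Refund",       # listed above
    "http://www.irs.gov.refund.example/status",        # constructed sample
]

def hostname_of(url):
    """Return the lower-cased hostname, tolerating URLs written without a scheme."""
    if "://" not in url:
        url = "http://" + url
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def naive_check(url):
    """Weak test: accepts anything that merely mentions the official name."""
    return OFFICIAL_DOMAIN in url.lower()

def is_official(url):
    """Strict test: the hostname must be irs.gov or a subdomain of it."""
    host = hostname_of(url)
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def report(urls):
    """Return (hostname, naive result, strict result) for each URL."""
    return [(hostname_of(u), naive_check(u), is_official(u)) for u in urls]

if __name__ == "__main__":
    for host, naive, strict in report(SAMPLES):
        print(f"{host:28} naive={naive!s:5} strict={strict}")
```

The jklabs.cz address passes the weak substring test because `www.irs.gov` appears in its path, which is exactly why only the hostname should be trusted.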

Although this list will most likely change, this is just starting for people who have filed their income tax. Some things to remember are:

You can generally access information about your refund 72 hours after IRS acknowledges receipt of your e-filed return, or three to four weeks after mailing a paper return

Via IRS.GOV

So if you’ve filed your taxes, it should be getting to you in 3 to 4 weeks, although as you get closer to the March 15, 2009 deadline it will take longer, so you should consider filing early to avoid having to wait too long for your return. Follow the rule that any email claiming to be from the IRS is not true, and don’t click on or install any software. You should, however, tell the IRS as quickly as possible about this attempt to get sensitive information. If you want to protect your system from viruses, or even think you have a virus, trojan, or malware, please check my Malware Resource for further information on removing it!!

People coming from Sites that don’t exist

So I woke up today, checking out my sites and looking outside. As I was checking the stats for my blog, I came across a referring site that supposedly brought two people to my site. I looked at the URL for the site:

  • http://trojan.fiftystatesclassifiedads.com/index.php

So after seeing the “trojan” prefix, I am wondering if this was an attempt by malware to infect my domain. So I went to check this domain out. I got to it and I got a 404. I then did a cache check with OpenDNS. I also then decided to see if it was even a registered domain by doing a Whois. So I am opening this up to people who might know. I did do some research, and here’s what I’ve found out so far.

According to How2hack, people want privacy, and it might be someone who does not want to be found. I tend to agree with them; privacy for privacy’s sake is good, but if you want to be private, why would you even be checking out websites, knowing people will want to find out who really is coming to your site? The How2Hack site also talks about how this might happen, and I see where they are coming from.

This was the only site I could find that even looked relevant to what I was searching for. I don’t see how someone can come to my site saying they were referred by another site when that site does not exist. Anyone want to try to answer this question and give insight as to why this would happen?
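The referring site shown in blog stats comes from the HTTP `Referer` header, which the visitor's client supplies and the server logs without checking, so an entry can name a host that was never registered. The following is an added example, not part of the original post, that tallies referrer hosts in an access log and flags the ones that do not resolve; the log lines are constructed, the "combined" log format is an assumption, and the function names are made up for illustration.

```python
import re
import socket
from collections import Counter
from urllib.parse import urlsplit

# Constructed access-log lines in Apache/nginx "combined" format.
SAMPLE_LOG = """\
203.0.113.5 - - [02/Feb/2009:08:01:10 +0000] "GET / HTTP/1.1" 200 5120 "http://trojan.fiftystatesclassifiedads.com/index.php" "Mozilla/4.0"
203.0.113.5 - - [02/Feb/2009:08:01:12 +0000] "GET / HTTP/1.1" 200 5120 "http://trojan.fiftystatesclassifiedads.com/index.php" "Mozilla/4.0"
198.51.100.7 - - [02/Feb/2009:08:03:44 +0000] "GET /about HTTP/1.1" 200 2048 "http://search.example/?q=blog" "Mozilla/5.0"
198.51.100.9 - - [02/Feb/2009:08:05:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# request, status, size, then the quoted Referer and User-Agent fields
COMBINED = re.compile(r'"[^"]*" \d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$')

def referrer_hosts(log_text):
    """Count hits per referrer hostname, skipping empty ("-") referrers."""
    hits = Counter()
    for line in log_text.splitlines():
        m = COMBINED.search(line)
        if not m or m.group("referer") in ("", "-"):
            continue
        host = urlsplit(m.group("referer")).hostname
        if host:
            hits[host.lower()] += 1
    return hits

def resolves(host):
    """True if the hostname currently has a DNS record (needs network access)."""
    try:
        socket.gethostbyname(host)
        return True
    except OSError:
        return False

def unverifiable_referrers(log_text, resolver=resolves):
    """Referrer hosts that do not resolve, with hit counts: likely forged entries."""
    return {h: n for h, n in referrer_hosts(log_text).items() if not resolver(h)}

if __name__ == "__main__":
    for host, count in unverifiable_referrers(SAMPLE_LOG).items():
        print(f"{count} hit(s) claim a referrer that does not resolve: {host}")
```

Pass a different `resolver` to run the check offline or against a cached list of known hosts.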

‘Life Owner’ won’t delete your data!

I received this email from a friend and wanted to talk about this:

VERY IMPORTANT , PLEASE READ THIS

Anyone-using Internet mail such as Yahoo, Hotmail,
AOL and so on.

This information arrived this morning,
Direct from both Microsoft and Norton

Please send it to everybody you know who has
access to the Internet.

You may receive an apparently harmless e-mail titled ‘Mail Server Report’

If you open either file, a message will appear on your screen saying:
‘It is too late now, your life is no longer beautiful.’

Subsequently you will LOSE EVERYTHING IN YOUR PC,
And the person who sent it to you will gain access to your
name, e-mail and password.

This is a new virus which started to circulate on Saturday afternoon.
AOL has already confirmed the severity, and the anti virus software’s are not capable of destroying it.

The virus has been created by a hacker who calls himself
‘life owner’.

PLEASE SEND A COPY OF THIS E-MAIL
TO ALL YOUR FRIENDS, And ask them to
PASS IT ON IMMEDIATELY!

THIS HAS BEEN CONFIRMED BY SNOPES.

http://www.snopes.com/computer/virus/mailserver.asp

After doing my little research, I’ve come to the conclusion that this is nothing more than a warning that someone went overboard on. I’ve checked this on Snopes, and it says that:

This latter version is difficult to classify as either “true” or “false”: The virus it references (i.e., the Mail Server Report worm) was a real one, but it’s neither new nor currently rampant (as claimed in the warning text), nor does it manifest itself in the fashion described (since the “symptoms” provided in the warning are merely a reworking of the text of an earlier virus hoax). All in all, that message doesn’t really merit the dire warning to “SEND A COPY OF THIS TO ALL YOUR FRIENDS, And ask them to PASS IT ON IMMEDIATELY!”

I decided to send a reply to my friend who emailed me this “warning” and tell him this:

Although this is a real worm, it is overhyped, and under no circumstances will it delete your files. I’ll quote from F-Secure:

Warezov.W is a mass-mailing worm that sends itself as e-mail attachments to addresses found on the infected computer.

Typically, a mass-mailer arrives on a computer with an infected e-mail message. In some cases, the infected attachment can start automatically. In other cases, the system is infected when the user opens the attachment. When a typical mass-mailer is activated, it installs itself to the system and creates a startup key for itself in the Windows registry. It then stays active in the system’s memory. While active, the mass-mailer searches for specific files (HTML files for example) on all available hard disks for e-mail addresses. Finally, it connects to an available mail server and sends itself to all the addresses it has found.

Aside from this, Warezov.W also downloads another worm variant from a specified website on the Internet.

According to all my sources, if you are worried about this worm, then I highly recommend a good anti-virus and software firewall. This worm is easily detected by all the free anti-virus software out there. I like AVG because it scans all incoming emails before you even touch the email. Please don’t forward that to anyone else; it seems to be an old email warning that isn’t really a warning anymore. It seems to be a scare email where there is no real chance of your data going bye-bye. Just thought you’d like to know!!

So I tell you this: if you have any question about the likelihood of any emails you happen to come by, your best bet is to Google it or ask your friend before you open the email up. It is also best to scan all email attachments before even considering opening them.