Category: virus removal

Conficker maps of US!

Paul

conficker_us_map

The Conficker Work Group has been busy the last few days compiling data of where the [intlink id=”3240″ type=”post”]Conficker Worm[/intlink] is in the world.  I am just showing one of the many pictures they have compiled.

[ad#cricket-right-ez]

Now I must say this isn’t entirely accurate, but it gives a good impression of how many computers in the US have been infected and still need to be removed.   Giving that most of these are business that haven’t updated there Windows Machines, this isn’t surprising.  So I am guessing that if this map is close to what we expected, some of the companies didn’t do anything about[intlink id=”3214″ type=”post”] Conifcker during the hype[/intlink].

That being said, I would like people to answer this question?  Has any technicians had to disinfect systems that had the conficker worm?  Are you seeing a rise in repairs, in regards to conficker related problems?

I was look around there website, the Conficker Work Group, and I stumbled on a really good resource.  It is called Conficker Eye Chart.  If certain images don’t load then you might be infected.   If you want to find out if your infected go check the chart out for yourself.

The Group also has a great list of tools to remove the Conficker Worm.    Although, I have been saying for the past week that the best way to prevent from getting infected is having [intlink id=”2205″ type=”page”]Anti-virus, and Firewalls[/intlink].  You will also need to remember that only you can prevent from getting a computer virus or worm, you’re the last line of defense!!

Mac Users aren’t Immune, so stop broadcasting “You’re glad you have a MAC”

Paul

With the Conficker going on right now, I am seeing more and more Tweets about Mactwitconficker and

twitconficker

[ad#cricket-right-ez]

Now I might not know a lot but this type of Smug confidence will be the downfall of the Mac’s in the coming years.  I have to ask do you not expect to get a virus at ALL?    You see when a company like Apple starts to get above a certain degree in the eyes of the hackers.  They will become a target, not a big target but a target.

In one of my post I talk about [intlink id=”2173″ type=”post”]Mac’s and Botnet[/intlink], you should really read it.  It talks about why Apple will become the next fail whale.    Some other Articles to Consider are:

And So I went into Google to see the trends for “Mac Virus” and Here is what I seen:

Mac Virus Google Trend

As you can tell Mac’s Virus and Maleware are on the rise.  This doesn’t mean you have to worry about the Conficker worm, but you have to Worry.  Most Apple Users are over confident that they will never get a virus or maleware on there system to the point that they will install it because they think they won’t get it.   I’ve seen in the past where Mac users are [intlink id=”2801″ type=”post”]download programs illegally[/intlink] just because they think they are not going to a Virus or Maleware.

It just gets me going when I constantly see people post about how they have a Mac.  I guess that Mac Ads are working but soon very soon they will change.    Although the mentality of the Mac not getting a virus is so god like that one day something like the Conficker worm will hit Mac’s exclusively because of the attitude of users.  Should Mac’s get anti-virus software, has been asked so many times in the past months that it makes me wonder.  Who has made this happen in the first place?  I’d have to point to Apple.  I don’t agree with there MAC Tax when it comes to buying a computer and will never pay for a mac.  So the next time I see people broadcasting they are glad they have a mac, I’ll just have to send them to this page!!  No Operating system is 100% secure or safe, even Linux systems can have viruses.

The April fools Joke, You’ve got a computer worm!

Paul

Cluely’s blog talks about this and I thought I would talk about it a little myself!!

[ad#cricket-right-ez]This is the newest version of the Conflicker/Downadup variant of the little worm.  There seems to be people who are worried that April 1, there will be a major wake up in security no holds bar problems.

Some people have got rather confused as to what the April 1st deadline really means. The truth is that Conficker is not set to activate a specific payload on April 1st. Rather, on April 1st Conficker will begin to attempt to contact the 50,000-a-day potential call-home web servers from which it may receive updates.

[Via Graham’s Cluely Blog]

Now let’s talk about this a little, this worm won’t do anything else but ask for updates on April 1, and we don’t know when the virus writers will implement the update it could be a month down the line.  You could[intlink id=”3171″ type=”post” target=”_blank”] Backup[/intlink] your software and use the free program [intlink id=”2883″ type=”post” target=”_blank”]Autopatcher[/intlink] to help make sure your system is completely up to date with windows security.  You can’t forward the to that date to find out what will it call home to.    We don’t know what it will do when they update to the conficker.c program all we know it starts to try to call to certain domains on April 1, 2009.  So you should install [intlink id=”2205″ type=”page”]Anti-virus and Firewalls[/intlink] where you think it is needed.

I am sure though this will be an really big April Fools Joke from the Virus Programmers, they will be laughing at the hysteria of people trying to find out all the important information on April 1, and yet it might not start to happen until much later!!  You are the first line of defense from getting a virus or any malware.  So let’s keep our heads on straight and not go over board!  Only time will tell, and I am sure what happens on Apr 1, 2009 will be a new day.


Malicious Spammers target Bank of America

Paul

I’ve saw two different security firms talking about Bank of America and I wanted to share with you:

Fake Bank Of America SitePicture from F-secure

[ad#cricket-right-ez]The two sites are F-secure and Pandalabs who are talking about Bank of America and how they try to get you to install malware.  With Adobe having just sent out the new updates last month it looks like spammers are using this to get people to install Malware.

It is also been known to be floating around in Facebook this spam.  So if you get a link going to a site you don’t know about to see a video and it says you need a codec or the Adobe update you should turn right around and leave site. You should always type in the url of Your Bank and not go there through links.

From what they are saying it monitors Network traffic and Steals ICQ, POP3, and IMAP passwords.  If you find network traffic going to Hong Kong IP, then it is time to check to make sure all your Virus definitions are up to date and you’ve installed an Anti-virus and Firewall.  I would encourage  users to report it to Phishtank so that any other unsuspecting user or person going to that site will be warned.

Fake Scareware Sites Popup after the Pifts.EXE Conspiracy

Paul

There Seems to Be a Fake site that are popping up today right after what happened with PIFTS.EXE. I just happen to Google it to see what people are talking about and this appears on the front page.

Not a real site!!

As you can see this leads to a server in Poland and once you go to it you see:

Not a real virus scanner

I will be reporting this to Phishtank. This is scareware which means  there is no real VIRUS because and you
Should never believe the screens when you see something like this. According to Wikipedia:

[ad#ad2-right]Some websites display pop-up advertisement windows or banners with text such as: “Your computer may be infected with harmful spyware programs. Immediate removal may be required. To scan, click ‘Yes’ below.” These websites go as far as saying that a user’s job, career, or marriage would be at risk. Products using advertisements such as these are often considered scareware. serious scareware applications qualify as Rogue software.
[Via Wikipedia]

So if you are worried you have a virus or think you have a virus I would advise you to download one of the free Many anti-virus software and firewall. This is nothing new with the companies who are doing this but don’t buy anything because people are trying to scare you into thinking you have a virus. That rarely is a valid software and you should use the ones that you trust. If you find a site like that please report them to Phishtank and other sites that way we can protect everyone who goes there.