Posted on 03/31/2006 9:05:27 AM PST by grandpa jones
This Worm Is Nasty, Brutish, And Sneaky
As a data security specialist, Jeremy Pickett sees all kinds of digital tricks. So on Mar. 20, when he was tracing the origins of a computer worm that had been blocked the night before from entering a client's computer network, Pickett wasn't too surprised that it tried to connect with four sleazy Web sites, most of them, he believes, in Russia. Or that it then tried to load victims' PCs with as many as 30 new pieces of "malware," ranging from spam programs to those that automatically dial in to expensive phone-sex services.
But the real shock came when Pickett decided to test another bug by infecting his own PC with it. Out slithered a program that promptly installed itself deep inside his computer. There it became virtually immune to detection from the basic antivirus software that scans for dangerous code. The bug -- known as a "Trojan," which in turn was hidden inside a "rootkit" -- was designed to activate whenever a Web surfer typed in a user name or password for bank accounts or Web sites for dating, social networking, or e-mail. Pickett went to a bank site and entered fictitious log-in information. Right before his eyes, those data were sent streaming back to Russia, joining the IDs of thousands of real victims. His reaction: "absolute horror."
This nasty bit of code, appropriately named "the Hearse" by Pickett's employer, Sana Security Inc. in San Mateo, Calif., is threatening to raise the stakes in the spy-vs.-spy war over cybercrime. That's because the average computer security program sifts for known worms and viruses on PCs. But rootkits cloak data-stealing code so that it can hide in the deepest guts of Windows software without showing up in task lists as an active program.
(Excerpt) Read more at businessweek.com ...
Another reason after two decades as a PC user that my next computer will be a Mac.
Person shoots self in foot. Do you ban guns for their stupidity? No.
Person intentionally infects their computer with a virus. Do you ban computers for their stupidity? No.
As a PC user one can easily get a virus in the normal course of computer usage. I have never intentionally infected my computer, yet I have managed to get a couple viruses over the years. To my knowledge there hasn't been a Mac virus to date.
Microsoft shareholder? See tagline.
Don't be so smug, OSX exploits are being found in increasing numbers with each passing day.
The fact is this guy knowingly infected his computer and got burned by it. This is a software Darwin Award, but instead of killing himself, he just killed his bank account.
To my knowledge there hasn't been a Mac virus to date.
OSX is a glass house that you are throwing rocks from: http://www.freerepublic.com/focus/f-news/1595728/posts
my next computer will be a Mac.
When you fire it up, buy a license for Little Snitch, it's an outbound firewall monitoring per app instead of IP and port. It's really shocking to find out who is phoning home.
In the good old days, we'd have PC vs Linux flamewars over this. Oh, where have you gone, innocentbystander? BTW, I still advocate Linux, but now that PPC based PowerBooks are a bit cheaper, I use those for personal use.
Who has time to monkey with Windows?
Linux [end of message].
bump
So . . . uhhhh . . . who has the patch/goods, solution for this particular rootkit?
This guy did not get burned, this is his job. Rootkits have been hiding trojans for quite a long time. And don't think if you have a Mac that you are safe either.
This program will find some of them, unfortunately I have not found one program to do it all.
http://www.f-secure.com/blacklight/rootkit.shtml
Basic antispyware/malware protection:
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
This gives the basics
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview
This gives the procedure
http://wiki.castlecops.com/Malware_Prevention:_Prevent_Re-infection
This helps with prevention
Bookmark. Thanks for the info.