Please be careful opening any email that is sent to you with an attachment, even if it purports to be from a legitimate company.
Recently a couple of virus variants have been going around, using social networking as more effective ways of getting people to open them. There have been two iterations of them that I have seen so far.
The first purports to be from AirTran Airways, and the text thanks you for purchasing your ticket online through them, and indicates that a charge of $400+ has been made to your credit card. It also refers to the attachment, which supposedly includes your receipt and the ticket. Of course, most people want to know what the hell is going on, since they didn't purchase any tickets online, and certainly not for $400+. Of course, they open the attachment, which isn't a receipt, but is in fact the virus. And the virus that has been going around does not seem to be stopped or detected by Symantec Antivirus, even using the most recent updates, so that machine is infected.
The latest variant arrives as a message from FedEx, warning either that the package that was sent to you, or that the package that you sent, was not able to be delivered because the wrong address was given. Again, an attachment with more information is included, and many people seem to want to open the attachment without thinking about it. The virus included in both of these messages seems to be a variant of the Virantex (or Braviax) trojan/virus, and is remarkably resistant to removal.
Please be careful. There is always lag between the newest virus variants showing up in the wild, and the latest updates released by antivirus companies. There is always the chance that you can be infected, even if your virus definitions are up to date. Do NOT open any attachments that you aren't completely sure of. In fact, if you receive a message from someone that you DO know, with an attachment, contact them and confirm that they sent you the message, and that they included an attachment, before you open it, and go so far as to confirm the name of the attachment, as well.
Viruses have been out there for quite a while. Generally, they no longer carry destructive payloads, but they CAN slow your machine to a crawl, get you blacklisted when they try and spam other people with copies of themselves from your machine, or slam your network connection with extra traffic. And they can be VERY difficult to get rid of, once you're infected.
no subject
Date: 2008-08-19 02:46 pm (UTC)
I used to think I was just worried about protecting my systems from script kiddies and zombie/bot nets because those are the most numerous and most likely attacks. Most of those are pretty easy to protect from. Now I'm even more aware of just how amazingly easy it is to hack most computers and have to assume that the only reason my systems aren't hacked on a daily basis is that targeting a public library just isn't cool nor profitable enough to be worth doing.
no subject
Date: 2008-08-19 03:07 pm (UTC)
Please, tell more!
no subject
Date: 2008-08-19 03:42 pm (UTC)
It was a very interesting and intense class. It taught a lot of great information, and for people that knew less than I about hacking going into the class it must have been really difficult. The class taught the basics of a ton of exploits/vulnerabilities and attacks. It also mentioned close to 100 pieces of software useful for hacking. We also got some time actually using computers to create and attempt attacks including creating viral loaded attachments, backdoors, and the basics of good social engineering techniques.
The problems I had with the class are that it was much too Microsoft centric, it included incredibly inaccurate information about *nix, and the test was one of the biggest pieces of shit I've ever taken. It had questions that were provably incorrect, it had questions requiring a single answer when multiple answers were correct, it had questions so poorly worded that I couldn't figure out what they were even asking for sure, it had questions we didn't cover in the class and I don't mean we covered X specific version of a theory and they asked about the Y specific version of a theory. I mean they asked things like "is X true" when X was something we never covered at all.
So...coming out of this class I'm positive nothing is unhackable (I was pretty sure of that before). I'm pretty sure I can hack just about any Microsoft server to at least some degree, and anybody with some experience and skill at this definitely can. Since the class was so Microsoft centric, I can't make those statements about *nix boxes, and having been an admin for Microsoft servers and *nix servers I know that Microsoft boxes are less secure by default but that both can be hacked, but I'd say that *nix boxes are probably a bit harder/more time intensive to hack.
And now I've got a truly huge number of extremely complex decisions to make about what we need to do here at work to make things more secure, and the sure knowledge that it'll be an uphill battle to get any of it approved by management. Very fun.
no subject
Date: 2008-08-19 04:45 pm (UTC)
Occasionally, I'm not sure what a probably-valid attachment is; once in a blue moon, I'm curious about a bogus attachment.
I've never gotten myself into trouble by opening something with a hex editor.
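Checking an attachment's leading bytes against the file type its name claims, the kind of look a hex editor gives without opening the file, as an added example that is not part of the original post or its comments. The message, the filenames and the attachment bytes are constructed samples (header stubs only), and the signature table covers only a few well-known formats.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Well-known leading "magic" bytes, as seen in a hex editor's first row.
MAGIC = {
    b"MZ": "Windows executable (PE)",
    b"PK\x03\x04": "ZIP container",
    b"%PDF": "PDF document",
    b"\xd0\xcf\x11\xe0": "OLE2 document (legacy .doc/.xls)",
}
# Signatures that are plausible for a given file extension.
EXPECTED = {"pdf": {b"%PDF"}, "doc": {b"\xd0\xcf\x11\xe0"},
            "docx": {b"PK\x03\x04"}, "zip": {b"PK\x03\x04"}}

def hexdump(data, width=16):
    """Hex and ASCII view of the first bytes, like a hex editor's top row."""
    chunk = data[:width]
    text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
    return " ".join(f"{b:02x}" for b in chunk) + f"  |{text}|"

def triage(raw_message):
    """Inspect each attachment's header bytes; nothing is opened or run."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        sig = next((m for m in MAGIC if data.startswith(m)), None)
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        mismatch = ext in EXPECTED and sig not in EXPECTED[ext]
        findings.append({"name": name, "detected": MAGIC.get(sig, "unknown"),
                         "flag": mismatch or sig == b"MZ",
                         "head": hexdump(data)})
    return findings

def build_sample():
    """Constructed message: header stubs only, no real payload."""
    msg = EmailMessage()
    msg["Subject"] = "Your online ticket purchase"
    msg.set_content("Your receipt and ticket are attached.")
    msg.add_attachment(b"MZ\x90\x00" + bytes(12), maintype="application",
                       subtype="pdf", filename="receipt.pdf")
    msg.add_attachment(b"%PDF-1.4\n% constructed sample\n",
                       maintype="application", subtype="pdf",
                       filename="itinerary.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for f in triage(build_sample()):
        print(f"{'SUSPECT' if f['flag'] else 'ok':8}{f['name']:15}{f['detected']:26}{f['head']}")
```

A matching signature only shows that the file is the type it claims to be, not that it is safe to open. A mismatch, or an executable header behind a document name, is reason enough to leave it unopened.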