Archive

Posts Tagged ‘Malware’

Your Computer is Infected, Call This Number (Scam)

Just a quick post as i received a call from a client saying that he had a message on his computer today “stating that his computer has a serious virus and then asked him to call 866-628-4936 or a UK number to remove the virus” which was a voice speaking to him!!

This is defiantly a SCAM “DO NOT CALL THE NUMBER”

If you require any help or support with this problem please don’t hesitate to contact us or visit our website Remote computer repair

Kind Regards

IT Solutions Site Support Team

PCs Come Pre-Installed With All Your Favorite Malware

Malware and viruses are bad, but so long as you’re careful, your PC will stay squeaky clean, right? Maybe not. Microsoft has found that many PCs from China are coming with malware pre-installed, as many as a fifth.

As if bloatware wasn’t bad enough, the four offending computers all run forged versions of  Windows, forged versions of Windows with all kinds of nasty functionality baked right in. Generally, the malware is designed to control the PCs for use in a botnet, In worse cases, the viruses could remotely engage cameras and microphones.

You’re probably safe; most of the computers that suffer from this come from relatively unregulated markets like China. Still, even if your laptop is clean having more infected computers out there isn’t going to be good for anyone. Microsoft has been trying to fix the problem with a lawsuit, but it’s a big problem to fix. For the time being, don’t buy a new computer in China if you can avoid it

Work-from-Home Scheme and Malware Served on Fake BBC Site

It’s not uncommon for us to find shady websites that replicate the ones of the BBC, or Channel 5 News in an attempt to advertise fake work-from-home jobs. However, it’s somewhat unusual to find such sites that bring something extra, such as the Blackhole exploit kit and a nasty Trojan. More on this story at Softpedia

Get a 30 day FREE trail VIPRE Anti-Virus

Google warns 20,000 websites they could be infected with malware

Google has warned 20,000 websites that they might be hacked and injected with JavaScript redirect malware, Google said.

In a message sent this week, Google said some pages of the website may be hacked. “Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites,” the Google Search Quality team said. The team said files are infected with unfamiliar JavaScript and warned that site owners should search for files containing “eval(function(p,a,c,k,e,r)” in particular. The code may be placed in HTML, JavaScript or PHP files.

Websites were also warned that server configuration files could have been compromised.”As a result of this, your site may be cloaking and showing the malicious content only in certain situations. It emphasized that it is important to remove the malware and fix the vulnerability to protect site visitors. Webmasters were also urged to keep their software up-to-date and to contact their Web hosts for technical support.

It is not the first time Google has warned website owners to look for malware infections, Google spokesman Mark Jansen said in an email. “It’s part of our ongoing mission to be transparent with webmasters and do our bit to help prevent spam,” he said. “In fact this isn’t a new phenomenon; we communicate very openly with webmasters and always have done.”

Google’s anti-malware campaigns can have a big impact. Last July Google excluded more than 11 million URLs from the “co.cc” domain, because they were regularly used by cybercriminals to spread antivirus programs and conduct drive-by attacks. Google explained in a blog post at the time that some bulk providers could host more than 50,000 malware domains, and that it could flag whole bulk domains in severe cases.

VIPRE Report Reveals Wide Range of Cybercrime Targets

GFI’s VIPRE Report for January 2012 reveals that cybercriminals took advantage of every single hot topic to launch their malicious campaigns, targeting gamers, small businesses and even government organizations.

Pro Evolution Soccer 2012 and the Halo video game series represented great opportunities that allowed crooks to spread their pieces of malware onto the computers of those who were looking for pirated editions or invites to test beta versions.

Phishing emails were also widely present in inboxes in the month that passed, the reputations of organizations such as the Better Business Bureau, Southwest Airlines, and even the US-CERT being used in the phony messages.
By relying on hot topics, malware writers and scammers launched a large number of successful campaigns to which they’ve attached dangerous pieces of malware.
An interesting typosquatting scam relied on the fact that users may still try to access the now defunct Megaupload site. Users who misspelled the site’s name ended up on domains that offered fake prizes in exchange for valuable personal information.

GFI found that most of the threats having targeted users in January were Trojans (35%), followed by the Yontoo Adware (2.23%) and a rogue security program identified as FraudTool.Win32.FakeRean. The omnipresent Autorun.inf Trojan also made the list, being identified in around 1.2% of attacks.

Get a FREE trial of Vipre ant-virus today!!

Amazon Gift Card Survey Scam Hits Facebook

Amazon seems to be the company for internet scammers, who have now launched a new survey scam using the online retailer’s name.
Amazon Gift Card Offer Spam Message

One Free Amazon.com Gift Card (limited time only)
amazonfree-giftcard.blogspot.com
Amazon is currently giving away gift cards to all facebook users. Click here to get one! http://

The scam offers a “free” Amazon.com gift card to anyone that’s willing to share the scam with their peers and post a comment on the page to help the scammer build credibility for the offer.

Of course, scammers are never satisfied with a measly share & comment!

Once you’ve completed step 1 and 2 on the initial landing page, you’re redirected to another website that starts off slow by asking for your zip code.

The cybercriminals behind this scam don’t benefit profit from their little setup until you complete 13 “reward offers” and convince three friends to repeat your mistakes.

According to the terms & conditions  that make up for about a third of the page, “Completion of reward offers most often requires a purchase or filing a credit application and being accepted for a financial product such as a credit card or consumer loan. “

And to no surprise, “Failure to submit accurate registration information will result in loss of eligibility.”

How to deal with the Amazon Gift Card Scam

If you’ve shared this scam:

  1. Remove the link from your Facebook wall by clicking the ‘x’ in the top right corner.
  2. Remove the history of your comment on the scam page from your Facebook wall.
  3. Warn your Facebook friends & family not to share this scam or complete any of the “reward offers” associated with it.

If you catch one of your Facebook friends sharing this scam:

  1. Let them know that it’s a scam and recommend that they follow the steps outlined above.

In addition to this new Facebook survey scam, cybercriminals are also using Amazon’s brand in numerous spam campaigns that contain malicious file attachments, attempt to steal financial information, or link the recipients to dangerous websites that deliver malware.

If anyone requires any help or support with a virus please don’t hesitate to contact IT Solutions Site Ltd

We also recommend Vipre anti-virus details can be found here

Regards

IT Solutions Site Support Team

Koobface Worm Wriggles Out of Social Networks and into BitTorrent

How many times have you been told that when one door closes, another one opens? Probably a whole bunch, but what no one ever bothered to disclose is that this idiom isn’t always an inspirational motivator to carry on with life and can sometimes apply to those with less scrupulous intentions. Case in point: a security firm warns that the Koobface worm is no longer spreading through social networks and is now slithering its way across BitTorrent sites.

According to Trend Micro’s research, the Koobface botnet is spreading through Trojanized torrent files and/or a new Koobface component called tor2.exe. Trend Micro detects the latter as WORM_KOOBFACE.AV, and once a user executes the file, the worm sends an HTTP request to its C&C to download a torrent file. That’s the first step. The next step involves firing up uTorrent unbeknownst to the user as a background process and proceeding to grab the dirty files referenced in the torrent file.

“Unwitting users looking for pirated copies of popular software such as games, PC utilities, or productivity software are in for a surprise, as these Trojanized software torrents are found on popular torrent sites,” Trend Micro warns.

Trend Micro says it’s discovered the Koobface worm lurking in pirated copies of WinRAR, Adobe Lightroom, Dark Ritual, and many more. Those who think they’re safe to download pirated software because they’re sitting behind an AV wall should think again. Trend Micro says Koobface uses several binaries and encryption to avoid detection by AV programs.