Archive

Posts Tagged ‘Virus’

Your Computer is Infected, Call This Number (Scam)

Just a quick post as i received a call from a client saying that he had a message on his computer today “stating that his computer has a serious virus and then asked him to call 866-628-4936 or a UK number to remove the virus” which was a voice speaking to him!!

This is defiantly a SCAM “DO NOT CALL THE NUMBER”

If you require any help or support with this problem please don’t hesitate to contact us or visit our website Remote computer repair

Kind Regards

IT Solutions Site Support Team

Heartbleed bug hits web security

Vrus

Several major technology firms have urged users to change all their passwords in the wake of the Heartbleed bug security breach.

The bug was first reported on Monday after going undetected for more than 2 years.

It bypasses the OpenSSL cryptographic library, which is used online to digitally scramble sensitive information as it passes between computer servers.

It is best known as the padlock icon that appears in the corner of web browser windows to show the page you are using online is secure when data moves back and forth.

The Heartbleed bug is a flaw in this system that can give anyone access to the data behind that encryption, including passwords and credit card details, without leaving any trace.

Read more on this story at MSN UK

PCs Come Pre-Installed With All Your Favorite Malware

Malware and viruses are bad, but so long as you’re careful, your PC will stay squeaky clean, right? Maybe not. Microsoft has found that many PCs from China are coming with malware pre-installed, as many as a fifth.

As if bloatware wasn’t bad enough, the four offending computers all run forged versions of  Windows, forged versions of Windows with all kinds of nasty functionality baked right in. Generally, the malware is designed to control the PCs for use in a botnet, In worse cases, the viruses could remotely engage cameras and microphones.

You’re probably safe; most of the computers that suffer from this come from relatively unregulated markets like China. Still, even if your laptop is clean having more infected computers out there isn’t going to be good for anyone. Microsoft has been trying to fix the problem with a lawsuit, but it’s a big problem to fix. For the time being, don’t buy a new computer in China if you can avoid it

Work-from-Home Scheme and Malware Served on Fake BBC Site

It’s not uncommon for us to find shady websites that replicate the ones of the BBC, or Channel 5 News in an attempt to advertise fake work-from-home jobs. However, it’s somewhat unusual to find such sites that bring something extra, such as the Blackhole exploit kit and a nasty Trojan. More on this story at Softpedia

Get a 30 day FREE trail VIPRE Anti-Virus

Google warns 20,000 websites they could be infected with malware

Google has warned 20,000 websites that they might be hacked and injected with JavaScript redirect malware, Google said.

In a message sent this week, Google said some pages of the website may be hacked. “Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites,” the Google Search Quality team said. The team said files are infected with unfamiliar JavaScript and warned that site owners should search for files containing “eval(function(p,a,c,k,e,r)” in particular. The code may be placed in HTML, JavaScript or PHP files.

Websites were also warned that server configuration files could have been compromised.”As a result of this, your site may be cloaking and showing the malicious content only in certain situations. It emphasized that it is important to remove the malware and fix the vulnerability to protect site visitors. Webmasters were also urged to keep their software up-to-date and to contact their Web hosts for technical support.

It is not the first time Google has warned website owners to look for malware infections, Google spokesman Mark Jansen said in an email. “It’s part of our ongoing mission to be transparent with webmasters and do our bit to help prevent spam,” he said. “In fact this isn’t a new phenomenon; we communicate very openly with webmasters and always have done.”

Google’s anti-malware campaigns can have a big impact. Last July Google excluded more than 11 million URLs from the “co.cc” domain, because they were regularly used by cybercriminals to spread antivirus programs and conduct drive-by attacks. Google explained in a blog post at the time that some bulk providers could host more than 50,000 malware domains, and that it could flag whole bulk domains in severe cases.

Amazon Gift Card Survey Scam Hits Facebook

Amazon seems to be the company for internet scammers, who have now launched a new survey scam using the online retailer’s name.
Amazon Gift Card Offer Spam Message

One Free Amazon.com Gift Card (limited time only)
amazonfree-giftcard.blogspot.com
Amazon is currently giving away gift cards to all facebook users. Click here to get one! http://

The scam offers a “free” Amazon.com gift card to anyone that’s willing to share the scam with their peers and post a comment on the page to help the scammer build credibility for the offer.

Of course, scammers are never satisfied with a measly share & comment!

Once you’ve completed step 1 and 2 on the initial landing page, you’re redirected to another website that starts off slow by asking for your zip code.

The cybercriminals behind this scam don’t benefit profit from their little setup until you complete 13 “reward offers” and convince three friends to repeat your mistakes.

According to the terms & conditions  that make up for about a third of the page, “Completion of reward offers most often requires a purchase or filing a credit application and being accepted for a financial product such as a credit card or consumer loan. “

And to no surprise, “Failure to submit accurate registration information will result in loss of eligibility.”

How to deal with the Amazon Gift Card Scam

If you’ve shared this scam:

  1. Remove the link from your Facebook wall by clicking the ‘x’ in the top right corner.
  2. Remove the history of your comment on the scam page from your Facebook wall.
  3. Warn your Facebook friends & family not to share this scam or complete any of the “reward offers” associated with it.

If you catch one of your Facebook friends sharing this scam:

  1. Let them know that it’s a scam and recommend that they follow the steps outlined above.

In addition to this new Facebook survey scam, cybercriminals are also using Amazon’s brand in numerous spam campaigns that contain malicious file attachments, attempt to steal financial information, or link the recipients to dangerous websites that deliver malware.

If anyone requires any help or support with a virus please don’t hesitate to contact IT Solutions Site Ltd

We also recommend Vipre anti-virus details can be found here

Regards

IT Solutions Site Support Team

Phone scammers target PC users with phony virus reports

Online con artists are targeting PC users worldwide in a brazen scam. It starts with a phone call from a “tech support specialist” who warns that your computer is infected with a virus. To fix things, all you have to do is give the caller remote access to your PC. Here’s what happens next. Read more about this story on ZD Net

Speedy Malware Infects More than 6 Million Web Pages

In less than two weeks, a malware injection that targets e-commerce Web pages has ballooned from 90,000 infected pages to more than 6 million.

The malware, called willysy, exploits a vulnerability in a popular online merchant platform, osCommerce, according to Web application security provider Armorize, of San Francisco.

When the company initially reported the injection on July 24, it found 90,000 infected pages. When it took another look at the malware on August 3, it found the injection had spread to some 6.3 million pages.

Although the identity of the perpetrators of the attacks by the malware could not be identified by Armorize, the company did trace the forays to eight IP addresses, all located in the Ukraine.

The attacks exploit three known vulnerabilities in version 2.2 of osCommerce. The exploits allow the attackers to place an invisible frame (iFrame) on the page and then inject malicious code (JavaScript) into the page, where it will infect visitors to the online store.

Once the infection makes it to shopper’s computer, it targets vulnerabilities in Java, Adobe Reader, Windows Help Center and Internet Explorer. Although the flaws in those programs targeted by the infection are known and have been patched, the attackers are betting that the user hasn’t patched all the programs.

Even the exploitation of osCommerce itself depends on lax patch management by the shopping site, since the holes in the program used by the attackers were patched in version 2.3 of the software released in November of last year. Since that time, two versions of the offering have been released, 2.3.1 and 3.0.1.

According to osCommerce, the open source software is used by some 249,000 store owners, developers, service providers and enthusiasts.

Attacks like the one discovered by Armorize can be especially harmful to small and medium-size businesses (SMB), asserts Frank Kenney, a former Gartner analyst and vice president of Global Strategy at Ipswitch, a file transfer security company in Lexington.

Willysy’s progress (click to enlarge)Those companies typically don’t have the financial resources of larger firms so they’re attracted to open source programs like osCommerce and use off-the-shelf software in their operations. “Whenever you use off-the-shelf software, you have to understand there are data issues and all types of security vulnerabilities that exist.

While the makers of off-the-shelf software patch their programs often, he continued, the business still has to invest in the resources to insure that proper patch work is done.

Such lack of diligence can hurt a business in the long run, because security breaches can invite scrutiny from credit card companies, he explained. A credit card company may refuse to allow the business to use its services until it shows a certain level of security compliance that is out of the reach of the business from a financial or time and resource point of view.

Scareware now targets Firefox browser

We have been reading about a lot of rogue software targeting Mac users – but its now time for Firefox users to be very careful.

A new scareware detects your user-string from your browser and if you are using Firefox, it will display a fake alert stating that a security scan is in process, with a button recommending that you Start Protection.If you click on the Start Protection. button, it will proceed to install a rogue antivirus software on your Windows computer.

Firefox does NOT include a virus scanner, so should you see such an alert, you know what to do! Simply close the browser and make it a point to not visit the website where you may have seen this alert, reports Sophos.

If you use Internet Explorer, you may get the regular Computer folder dialog box which appears to be running a system scan inside your IE.

I guess we are going to be seeing more and more of such ways to steal money from people. Cybercriminals will use such scareware tactics to scare people into downloading malicious software onto their computers and/or pay for a fake rogue software. This is something we all need to take care of.

Sites hit in massive web attack

The hi-tech criminals used a well-known attack vector that exploits security loopholes on other sites to insert a link to their website.

Those visiting the criminals’ webpage were told that their machines were infected with many different viruses.

Swift action by security researchers has managed to get the sites offering the sham software shut down.

Security firm Websense has been tracking the attack since it started on 29 March. The initial count of compromised sites was 28,000 sites but this has grown to encompass many times this number as the attack has rolled on.

Websense dubbed it the Lizamoon attack because that was the name of the first domain to which victims were re-directed. The fake software is called the Windows Stability Center.

 

If anyone requires help and support with this issue please don’t hesitate to contact us www.it-solutions-site.co.uk