This isn’t the plot of a Japanese horror film

Onkel Neal · 10-10-12, 09:40 PM

Quote:

You***8217;ve just opened a Web page or clicked a link in an email when your computer***8217;s desktop goes gray. A browser window pops up with the FBI logo in the top left corner. Below it is a live webcam feed with a picture of someone***8217;s face. You try to click away but find that your browser is locked. With a start, you recognize the face staring at you from the screen: It***8217;s you.

http://www.slate.com/articles/techno...for_cash_.html

I swear, if the govt would just start executing these types, this would go away.

CCIP · 10-10-12, 09:49 PM

Well, in fairness, the people behind these things usually operate from outside US jurisdiction to begin with.

Anthony W. · 10-10-12, 10:06 PM

More reasons I got rid of my webcam...

My cam really did get hacked at one point.

Sailor Steve · 10-10-12, 10:31 PM

That's the one that bit me the second time, and I reinstalled windows also for the second time and still haven't got it right yet. Reinstalling Windows didn't fix the problem anyway, so I screwed myself twice.

I agree that these people need to be caught and prosecuted if possible, but I also discovered the easy way to get rid of it, but too late for me.

Start your computer in safe mode and run a good malware fighter. Malwarebytes http://www.malwarebytes.org/products/malwarebytes_free/ did the job for me, when even Spybot didn't find it. Of course you can't get online in safe mode to download it, so you have to get it some other way.

[edit] According to the article you may need to do a complete reinstall anyway. Maybe I was lucky. Or maybe it will be back. We'll see.

Jimbuna · 10-11-12, 05:38 AM

I notice the article says they also infect Skype...keep an eye on that Steve, I know I will.

MH · 10-11-12, 06:33 AM

Careful what you click and what you allow to run on your PC.
Usually you don't need to give any authorisation to view sites even though some ask to install of kinds of crap before you do this or that...

Onkel Neal · 10-11-12, 08:20 AM

Quote:

Originally Posted by CCIP

Well, in fairness, the people behind these things usually operate from outside US jurisdiction to begin with.

So did Bin Laden

mookiemookie · 10-11-12, 08:25 AM

Neal's just found the idea for his next Subsim fundraiser.

Skybird · 10-11-12, 08:50 AM

Not really new, but a thing that increases in importance since it is rapidly spreading.

Most important advice of course is to avoid compromised sites that infest you via drive-by downloads. If only one would know in advance! So, with every click, a tiny risk remains. The more dubious the website, the greater the risk becomes. Obviously, a criminal managing to get one of the large websites like Amazon or Google infested, means major trouble.

Freeware virus scanners are doing the job of active scans of the HD when manually prompted to do so. They almost never offer the full security suite of the commercial product, and never offer live protection when being online. Get a decent security suite for money. Tune it manually for maximum settings.

Same for firewall: the commercial products offer more options and insurrances, than the free versions. Liv e email protection also is something you want to have.

Get a decent malware scanner as well. They are complementary to virus scanners. While one should not have two firewalls and two virus-scanners running at the same time, a virus scanner and a malware scanner is okay. They are not the same.

Get rid of Java.

Avoid Flash, ActiveX scripts where possible. Ban all cookies, chose manually which ones to accept and store. Set your browser to tightest options possible. Run in a sandbox. Use a pop-up blocker.

Default settings in separate scanner software often are set to medium settings. Check carefully and push them all up as high as you can, considering your surfing habits. Keep them all just below that level where you cannot surf reasonably anymore. "Reasonably" obviously has different meanings for different people. The taste for risk is just this: a question of taste. Some like it hotter, some prefer mild. But any possible billing in the future will be at your cost.

All this does not bring your security risks to zero. But it reduces them and makes it more likely that an alarm goes on when an intruder penetrates your defenses. And that is what it is about: that you become aware your system is done.

If you got hit: DO NOT REPAIR, BUT FORMAT AND REINSTALL. A compromised system remains to be a compromised system, no matter how many messages you get that a repair was successful. I know its a PITA, but there you have it: you never can be certain the infestation really has been defeated, or just cleverly deceived you. So kill that damn HD, take no prisoners.

It is good advise to have a trustworthy image on a separate, physically unconnected HD. Systems running two parallel HDs where the one is a life twin of the other, do not protect you against malware infestations, since if one HD got compromised, the other must be considered compromised as well - it is physically connected to the system, right? Such system are not meant to safeguard against infestations, but accidental data dropouts. A good image of an original default installation with all software you need and all options tuned is good. Having images once a month means they represent older and older installation states, and in case of trouble you cannot be sure you do not use an already infested image for reinstalling. For restoring a system, use the earliest image you can afford - distance in time means distance to the infestation. The HD keeping the image of my system after original and complete Windows and software installation, is a holy item to me.

10-10-12, 09:49 PM	#2
CCIP Navy Seal Join Date: Apr 2005 Location: Waterloo, Canada Posts: 8,700 Downloads: 29 Uploads: 2	Well, in fairness, the people behind these things usually operate from outside US jurisdiction to begin with. __________________ There are only forty people in the world and five of them are hamburgers. -Don Van Vliet (aka Captain Beefheart)

10-10-12, 10:06 PM	#3
Anthony W. Grey Wolf Join Date: Feb 2009 Location: Central Indiana Posts: 850 Downloads: 130 Uploads: 0	More reasons I got rid of my webcam... My cam really did get hacked at one point. __________________ Sunken Mustangs Proud Ford Mustang owner "Damn the torpedoes! Full speed ahead!" - Admiral David Farragut Run silent - run deep - keep the baffles clear - targets front and center. Private pilot and history buff

10-10-12, 10:31 PM	#4
Sailor Steve Eternal Patrol Join Date: Nov 2002 Location: High in the mountains of Utah Posts: 50,369 Downloads: 745 Uploads: 249	That's the one that bit me the second time, and I reinstalled windows also for the second time and still haven't got it right yet. Reinstalling Windows didn't fix the problem anyway, so I screwed myself twice. I agree that these people need to be caught and prosecuted if possible, but I also discovered the easy way to get rid of it, but too late for me. Start your computer in safe mode and run a good malware fighter. Malwarebytes http://www.malwarebytes.org/products/malwarebytes_free/ did the job for me, when even Spybot didn't find it. Of course you can't get online in safe mode to download it, so you have to get it some other way. [edit] According to the article you may need to do a complete reinstall anyway. Maybe I was lucky. Or maybe it will be back. We'll see. __________________ “Never do anything you can't take back.” —Rocky Russo

10-11-12, 05:38 AM	#5
Jimbuna Chief of the Boat Join Date: Feb 2006 Location: 250 metres below the surface Posts: 190,464 Downloads: 63 Uploads: 13	I notice the article says they also infect Skype...keep an eye on that Steve, I know I will. __________________ Wise men speak because they have something to say; Fools because they have to say something. Oh my God, not again!!

10-11-12, 08:25 AM	#8
mookiemookie Navy Seal Join Date: Nov 2005 Location: Houston, TX Posts: 9,404 Downloads: 105 Uploads: 1	Neal's just found the idea for his next Subsim fundraiser. __________________ They don’t think it be like it is, but it do. Want more U-boat Kaleun portraits for your SH3 Commander Profiles? Download the SH3 Commander Portrait Pack here.

10-11-12, 06:33 AM	#6
MH Ocean Warrior Join Date: Jul 2008 Posts: 3,184 Downloads: 248 Uploads: 0	Careful what you click and what you allow to run on your PC. Usually you don't need to give any authorisation to view sites even though some ask to install of kinds of crap before you do this or that...

10-11-12, 08:50 AM	#9
Skybird Soaring Join Date: Sep 2001 Location: the mental asylum named Germany Posts: 42,602 Downloads: 10 Uploads: 0	Not really new, but a thing that increases in importance since it is rapidly spreading. Most important advice of course is to avoid compromised sites that infest you via drive-by downloads. If only one would know in advance! So, with every click, a tiny risk remains. The more dubious the website, the greater the risk becomes. Obviously, a criminal managing to get one of the large websites like Amazon or Google infested, means major trouble. Freeware virus scanners are doing the job of active scans of the HD when manually prompted to do so. They almost never offer the full security suite of the commercial product, and never offer live protection when being online. Get a decent security suite for money. Tune it manually for maximum settings. Same for firewall: the commercial products offer more options and insurrances, than the free versions. Liv e email protection also is something you want to have. Get a decent malware scanner as well. They are complementary to virus scanners. While one should not have two firewalls and two virus-scanners running at the same time, a virus scanner and a malware scanner is okay. They are not the same. Get rid of Java. Avoid Flash, ActiveX scripts where possible. Ban all cookies, chose manually which ones to accept and store. Set your browser to tightest options possible. Run in a sandbox. Use a pop-up blocker. Default settings in separate scanner software often are set to medium settings. Check carefully and push them all up as high as you can, considering your surfing habits. Keep them all just below that level where you cannot surf reasonably anymore. "Reasonably" obviously has different meanings for different people. The taste for risk is just this: a question of taste. Some like it hotter, some prefer mild. But any possible billing in the future will be at your cost. All this does not bring your security risks to zero. But it reduces them and makes it more likely that an alarm goes on when an intruder penetrates your defenses. And that is what it is about: that you become aware your system is done. If you got hit: DO NOT REPAIR, BUT FORMAT AND REINSTALL. A compromised system remains to be a compromised system, no matter how many messages you get that a repair was successful. I know its a PITA, but there you have it: you never can be certain the infestation really has been defeated, or just cleverly deceived you. So kill that damn HD, take no prisoners. It is good advise to have a trustworthy image on a separate, physically unconnected HD. Systems running two parallel HDs where the one is a life twin of the other, do not protect you against malware infestations, since if one HD got compromised, the other must be considered compromised as well - it is physically connected to the system, right? Such system are not meant to safeguard against infestations, but accidental data dropouts. A good image of an original default installation with all software you need and all options tuned is good. Having images once a month means they represent older and older installation states, and in case of trouble you cannot be sure you do not use an already infested image for reinstalling. For restoring a system, use the earliest image you can afford - distance in time means distance to the infestation. The HD keeping the image of my system after original and complete Windows and software installation, is a holy item to me. __________________ If you feel nuts, consult an expert.