most memorable hacker / malware experiences

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
anybody got any good ones? perhaps screenshots of what you ran into? I saw this the other day when opening FF:

ff_fake_update.jpeg


and of course I ran through the motions of getting rid of it:

https://www.linkedin.com/posts/adam...redetection-activity-6708360748118241280-q7oz

But, if I haven't posted this before and no one knows about it, apparently the Russians are doing some good work to keep the corporate world on their toes:

https://blog.morphisec.com/wastedlocker-ransomware-causes-enterprise-havoc

malware that's designed to be undetectable by the Windows OS!? WOW. I would assume that Windows Defender is a little too weak to handle something produced by the Russians.
 

kevlray

Registered User.
Local time
Today, 02:18
Joined
Apr 5, 2010
Messages
1,046
Some years back after I had just installed an OS (Windows XP I think). No sooner than I get the computer set up for the internet I started getting popups saying that my computer was infected and to click on the button to fix (NOT!!!). Of course when I got my software firewall set up, it went away.
 

AccessBlaster

Registered User.
Local time
Today, 02:18
Joined
May 22, 2010
Messages
5,823
If you have a good clean image stashed away either on a hidden partition or removable storage, you can sleep easy. I have the basic malware protection Windows 10 provides, I could care less if it's up to date or not.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
I could care less if it's up to date or not.
I would seriously doubt Windows could help you in this day and age. I use my brain. I have no anti-virus *anything* installed on any of my machines. The reason => they cause more problems than they solve. Kind of like corporations!
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 04:18
Joined
Feb 28, 2001
Messages
26,996
It is, of course, your choice. However, I would be terribly remiss if I didn't warn anyone else who reads this thread. Your choice is one of the riskier ones that can be made. If you have exposure to the Internet and visit web sites, just remember that it is possible for hackers to hijack a site if that site's level of protection is not up to date. At that point, without an anti-virus package to scan web downloads, without a package to examine your e-mail, without a package that can detect malicious behavior, you are at serious risk of being hacked by secondary infection - contact with a hacked site.

I say this as a person holding CompTIA Security+ certifications as well as U.S. Navy security certifications. With over 28 years of experience in U.S. Navy security procedures, and having seen the twice-monthly Information Assurance Vulnerability Alerts for years, I know that NO operating system is totally safe. Even "stateful" firewalls don't completely help. I know that Jon has a post elsewhere in the forum about the number of hack attempts. When I was with the Navy Enterprise Data Center in New Orleans, one of my fellow admins got a secondary hack by visiting the New York Times on the Web. THEY had a link that had gotten hacked. He was also certified but clicked on a link he thought he could trust - and it was a new hack that got by our anti-viral signature scans. He had to wipe his machine and resort to a not-very-recent backup.

Adam, again I say it is your choice to not use an anti-viral package and I will not question your motives. But my years of expertise tell me that you are not being a good role model for our newer members in regards to this specific subject. That is the mildest way that I can put it, though I actually feel MUCH stronger about it than my words might have indicated.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
I appreciate what you've said @The_Doc_Man. and you're probably right, as if beginners read this, they are probably thinking that I'm insane by not having any protection on my machine. but dare I say again, that this decision of mine as it stands now, is being made because I am a very good reader of people and I can get the truth out of almost anyone even if I never meet them. So in my eyes, I'm not in too much danger. But then again Richard, I've got so many backups of crap at my place, if I ever did lose anything, I could probably restore it in a few hours. I didn't mention that part, did I?
 

Isaac

Lifelong Learner
Local time
Today, 02:18
Joined
Mar 14, 2017
Messages
8,738
Can't resist commenting on this topic, as it's a pet peeve of mine. My view: Pretty much every anti-virus program I've tried behaves more like a virus than a virus does. They cause a myriad of problems, not the least of which is extreme slowness in many cases. Yes they have various options that can be set, but trying to figure out what options need to be adjusted - rules, ports, etc. etc. - for a particular app you are running can be difficult to figure out. Even when you do, the app may still be being blocked based on some invisible thing the AV is doing. I've had AV programs that are harder to remove from a computer than a virus is - in my view that qualifies as malicious software. This especially applies to AV components that have made deals with companies like Dell, HP, etc., and ship WITH the machine.

- Every year or so for the past 19 years I try a major AV software (McAfee, Norton), just to double check if the situation is any better. It never is. I always end up removing it.

- In my entire life, I've never had viruses other than a small handful of times, something minor, that was easily removable by following instructions I found online. And frankly...I always knew what stupid thing I'd done to cause them. Always. Never in my life of 24/7 PC use + four family members have I EVER gotten ANY kind of virus based on being smart while doing normal things.

- I DO turn on, utilize, and fully allow the built-in Windows AV things--Defender and everything else.

- I pay attention to browser settings, recommended settings, and Chrome warnings, the combination of which is very advanced these days and serves as an AV shield itself.

- I use a lot of common sense, from the knowledge level of a tech-savvy person of course, when it comes to where and how I browse, and from where and what I download. I have my family members trained to come to me first when deciding what to click on in the really risky scenarios--Like downloading "free mp3's", for example.

I'm not saying this approach is for everyone. Everyone has their unique situation and varies VERY widely. People have different ports open, use different types of software, and browse different types of websites. People have different behavior and use different security defaults. And I'm only referring to typical personal PC use....Not commenting whatsoever on servers, websites, etc.

But for me personally, it's absolute hands-down against any major A.V. software. They behave horribly, worse than a virus, and I've avoided viruses my whole life by using common sense and built in Windows safeguards...and Chrome. IF it were true that AV software was lightweight, less impactful to daily life, and behaved perfectly--Sure, I'd get it--like any other type of insurance. But weighing my experience vs. the potential benefit....No. In practice (not sure about theory), I'm like @AccessBlaster
 

AccessBlaster

Registered User.
Local time
Today, 02:18
Joined
May 22, 2010
Messages
5,823
Antivirus software is updated only after "they" learn of a new attack. So you get infected by new malware before it's known.

I will say it does a bang up job on old threats 😀

BTW my images have printer config and WiFi config, and just about everything else required.
 

Isaac

Lifelong Learner
Local time
Today, 02:18
Joined
Mar 14, 2017
Messages
8,738
I've always jokingly thought to myself that it's no wonder John McAfee took off like a shot, backpacking around Central America and hiding on boats after he ruined half the world's computers. I always thought "Bring that guy in on destruction of property charges!" :p Ha..just kidding. I know he had other legal problems.
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 04:18
Joined
Feb 28, 2001
Messages
26,996
Statistically, it ain't the new viruses that get you. It's the old viruses against which you have no protection 'cause your A/V isn't updated often enough.

Maybe I'm jaded, but I have a powerful enough machine that I don't have issues with slowdowns. I have a Dell XPS 3900 with a 1 TB SSD and 16 GB of RAM with an Intel i7 that handles 4 x dual core CPUs, for 8 total threads. My system doesn't slow down for much of anything. I have my A/V set for auto-update on a regular basis and auto-scans at staggered intervals.

If you have an adequate A/V package that includes behavioral heuristics, it will catch the attempt to encrypt system files such as the article you shared with us, Adam. And there is a simple rule for ALL updates. If you get a Windows update notice but the download isn't from something in the Microsoft.COM domain, it ain't legit. Similar rules apply for things like Adobe.COM (for PDF managers), EPSON.COM (for printer drivers), etc. etc.

Yes, if you are unlucky enough to fall prey to a zero-day attack, you will have grounds to feel unlucky. But the odds are that what gets you won't be a zero-day attack at all. It will be a well-known hack, virus, trojan, or other kind of malware. I cannot tell anyone what to do. All I can do is verify that the world is full of risks and some are easier to avoid than others.
 

AccessBlaster

Registered User.
Local time
Today, 02:18
Joined
May 22, 2010
Messages
5,823
If you have an adequate A/V package that includes behavioral heuristics, it will catch the attempt to encrypt system files.....
I truly never worry about system files; they can be restored. I do however worry about things I create or need to save. Therefore I do back up my docs folders and keep them on a remote storage device.

There are free programs that can freeze a session of Windows while surfing the net, they are not VPNs. You do not get any privacy with these types of programs but you also do not get infected during that session.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
I have a Dell XPS 3900 with a 1 TB SSD and 16 GB of RAM with an Intel i7 that handles 4 x dual core CPUs, for 8 total threads.
I absolutely despise Dell because they have always made cheap junk, but man those specs make that a beast! You've surely got yourself covered with that one. :)
it ain't legit.
hasn't anyone ever told you that "AINT" AINT A WORD!? You should know better, at your age. :rolleyes:
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
and by the way Richard, any computer for sale nowadays that's worth anything will have SSD.
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 04:18
Joined
Feb 28, 2001
Messages
26,996
True, but if you look up the XPS 3900 you would find it is not at all a new machine. It has just been "tweaked" a bit. After all, I AM a gamer.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
I AM a gamer.
oh please! God help us. Yet another freakin gamer on this Earth...and a grandpa to boot! Which brings me to another question Richard....do you have advice for me if I wanted to purchase my own server for the purpose of hosting my own website/product back-end storage?
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 04:18
Joined
Feb 28, 2001
Messages
26,996
That will always depend on budget. You need to start by specifying capacity issues and do some online research on the subject of how much memory you will need per intended simultaneous user of your site. Granted, web-site users don't take up TONS of space, but you will be generating logs of what they do if you are retaining sales leads for your product. Always start with that balancing act of capacity and budget. Then and only then you can make some serious decisions. But I have to admit I don't know what you will need in detail. The servers I managed for the Navy were not web-based. They hosted databases and custom non-web apps, which made for different capacity studies. Besides which, I am out of touch with my sources who would be able to advise me. It has been four years and we've had new generations of servers AND software in the interim.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
well thanks Richard. what I'm looking for really, just to start, is a server that can host a website. but, I intend the website to hold a huge amount of content, and of course it will be advertised on various platforms, so my plan is to generate at least some traffic to the site. and of course if it gains any ground whatsoever and people find it very valuable to keep returning and download the content, then I will have to make decisions about how much power I will need for storage of data in the BE DBs and/or transaction concurrency from an unknown number of people all around the world.

I also have a plan to make the language's content available in all major languages throughout the world, but I'm not sure if I will use Google's resources or just some Python libs to do that. Haven't gotten that far at the moment.
 

The_Doc_Man

Immoderate Moderator
Staff member
Local time
Today, 04:18
Joined
Feb 28, 2001
Messages
26,996
Adam, the advice I give to others, I will give to you. Start by laying out a map of what you want to build. You can never know you got there if you don't know where you are going.
 

neuroman9999

Member
Local time
Today, 04:18
Joined
Aug 17, 2020
Messages
827
You can never know you got there if you don't know where you are going.
I don't need your help in this regard Richard. The source of my inspiration to do what I'm doing is something you don't understand. But thanks anyway. =)
 
