Posts Tagged ‘malware’
Did you know someone can change the setting on your router so all your internet traffic goes through their servers and from this they can get your bank details as well as other personal information?
Routers come with a standard password and I usually use this to access clients routers without even asking if they know the password. This is because the router is usually the last place someone thinks of needing a password or they simply have not known it. Now, well for some time, criminals have taken advantage of it, they have developed malicious code to change your setting on the router.
This looks like the computer is affected by a virus but even after a computer has been cleared of everything it still has the same error and all computers will show the same symptoms. You may net even get any symptoms which makes it worse.
When you go to a website your computer does not know where that website is hosted so it looks for a DNS server. On nearly all home routers this will be set to get the address of these servers from your ISP automatically. So when you type in a website address it goes to these servers and they look up where the website is, return this information to your computer and you get the website displayed on your computer. This virus changes the settings so it does not get the DNS server of your ISP but theirs so they can see what you are doing and intercept any data they can.
For the full report see Forbes
How do you change this password? If you are confident then search for your routers model number and for the instructions. This should tell you what to do, if you are not sure then get a technician in to do it for you. It does not take long and you will know that this virus can not affect you.
I have tweeted about this before but now Google has started to warn about it. Scareware is where a malicious piece of software disguises itself as a normal program but then demands money from you otherwise your something will happen.
I have always seen the fake anti virus ones that pop up and can not be closed down, they say your computer is infected and unless you pay a set fee to buy this program then they will not remove anything. The truth is that program is the malicious code and often adds other malicious programs which, even if you did pay, it would not remove them. The name of this program changes every so often, one was called anti virus 2009.
Anyway back to Google, they scanned 240 million web pages over 13 months, January 2009 to February 2010, and found that fake anti virus programs accounted for 15% of all malicious software. Over 11,000 web domains were involved in the distribution of the fake anti virus software. This attack is mainly aimed at Windows machines and is usually delivered through ADVERTS. The reason I highlighted adverts is I often get asked if it was because someone in the household had been on ‘adult’ sites, while some will be on adult sites most are now using normal looking website so they can get a greater infection.
Some of you may remember the good old days of dial up internet access and the pearls it brought with viruses. The dreaded dialler virus where it would disconnect your modem from your ISP and then dial a premium rate number costing up to and sometimes over £1 per minute. By the time you realised what had happened or you got your phone bill you quite often had to pay several hundred pounds after all dial up was slow and took a while to do anything online and if it had a lot of pictures then you had tine to make a coffee. Now these people were clever in that they muted your modems speaker and had it done so quickly you just thought that it was taken a bit longer than normal to load a web page.
Well they are back but not for your computer but for your new shiny smart phone. Security firms have noticed a rise in the amount Trojans known as diallers. like their older relatives they dial premium rate numbers and you then get hit by a large bill and they get some of that money.
Writing on the CA security blog, Akhil Menon said
it was seeing a "an increasing trend of trojan diallers.
Mr Menon profiled one such virus, called Swapi.B, which sends premium SMS messages.
"The messages sent out are in the typical format to invoke premium services and land the mobile user with heavy mobile bills without the user’s knowledge and consent,"
Mikko Hypponen, head of research at F-Secure which makes security software for mobiles, said
it had seen a "handful" of diallers in recent months.
They were popular because they get round one of the big problems facing anyone wanting to make money out of Windows viruses. PC malware can’t just directly steal money from your machine; it has to jump through hoops like keylogging your credit card number or sending spam.
However, mobile malware can just instantly steal from you by making premium-rate calls or messages. Some diallers sent messages or rang many different numbers, including legitimate ones.
The trojan can place calls to, say, 100 different premium-rate numbers, only one of which is his own number. How would you fight this? Shut down all the numbers, including the innocent ones?
A lot of people still think that you only get viruses by visiting porn sites but this is not true. I have seen computers being infected from normal looking sites and even sites which are legitimate websites but had been hacked into and malicious code inserted but the overall look was not alerted.
If you want to protect your phone from this type of attack then you will need a mobile anti virus program. F-secure make one and if you search around you will find others as well.
