Results tagged “worm”

A new iPhone worm has been detected in the wild and it surely indicates more on the way. This is the second one reported in the last two weeks, but both only attacked jailbroken iPhones. There's no mention of iPod Touches in the new, but the only thing that keeps them from being hit is that they're not constantly connected on the 3G networks.

For safety's sake, if your 'Touch is jailbroken, change the root password for the system from the default "alpine". There's no good reason to assume that a jailbroken iPod Touch can't or won't be attacked anytime that it wanders through a drive-by infested website.

To change your default SSH root password is simple:

1. logon to a terminal session: either by SSH into the iPod, or by using the "Mobile Terminal" app. 

2. At the terminal prompt, issue the command "passwd". You'll be prompted to enter your new password twice. Make it anything but the default "alpine" but be smart. Not recommended: "materhorn".

That's it.

By far, the largest number of "virus" calls that we receive these days are about "scareware".  Scareware is a class of malicious software ("malware") that pretends to be helpful but which is actually up to no good.

Scareware always appears as an urgent message on the computer screen, typically warning that the computer has been infected with a virus and insisting that the user should "click here now" to remove the virus.

If you do click, then you'll typically go to a screen that will "scan" your computer and report back that it found 40 or 50 or more viruses -- one or two of which will be real, because the scareware put them there.  It will then offer, for 50 or 60 dollars, to remove the virus that it put into your computer.  

Do not pay!  It won't take the virus out of your computer. It may hide it for a week or two, but it will be back and it will ask for the money again.

As you can see, this is just plain bunko. A cyber version of the protection racket. Other variations will more blatantly hold your computer as a hostage by just saying that they've got your computer and they want money to give it back. They may go so far as to try to encrypt your data to make it unusable until you pay.

This includes Macintosh computers by the way -- the first scareware for Mac's was reported in 2007 and it's proliferating like mad.

How to avoid scareware:

Be aware and alert when you're online. Scareware lurks everywhere on the web. Scareware crooks will try to hide their malware programs on otherwise fine websites or they will even go so far as to masquerade as legitimate advertisers on well-known and reputable websites. In the past they've been discovered on FoxNews.com, NYTimes.com, Yahoo, Google, Facebook and Twitter.  The point is; it can show up anywhere.

Talk about scareware with everyone who uses your computer.  Make sure that everyone knows how to deal with pop-up messages and particularly, how to identify a legitimate warning from your antivirus program. There are so many variations of the scareware messages that it's a good idea to point out that anything that is not clearly from your antivirus program or your operating system is, in fact, a fake message from scareware.  No matter how real it looks, it is a fake.

Make sure that everyone knows how to deal with scareware -- either by calling you or by taking a safe action toward it.

Keep your computer operating system up-to-date.  Turn on the automatic updates from Apple or Microsoft to make sure that your system has the latest security patches. Both companies provide security and other updates free, online.. 

Keep your anti-virus program up to date. Scareware and other malware will always try to get around your security software and may even try to disable it, but antivirus remains your first and most vigilant line of defense; so, make sure you have it and that it is always up to date. 

When attacked, act immediately.  Unfortunately if you see a scareware warning window, your computer has probably already been infected but it's important to take immediate and careful action against it.

Do not click on the scareware window or try close the scareware alert window by clicking anywhere on it.  Any attempt to close the window by normal methods will just cause it to go to it's next step against you. 

(Note: this is different advise than used to be given, which was to use the red "close" button. That's no longer useful.)

Instead; force the scareware window to close using your operating system's tool for that.

In Mac OSX: make sure that the offending scareware window is the active window then just press Command-Option-Esc. That will bring up the "Force Quit" window. Say "OK" to force the scareware window to close.

In Windows: first, open the Task Manager by pressing Ctrl-Shift-Esc in Vista or 7 or Ctrl-Alt-Del in XP. (hold down all three keys at the same time).  Once in Task Manager, on the "Applications" tab, highlight the browser in the list of running programs and then click "end task".  

It may take a few seconds (or even many seconds) for the window to close. Window will ask you to verify that you want to close it. Say "Yes" or "OK".

Finally, for both Windows and Mac: Immediately run a scan of your computer with a trusted and up-to-date antivirus program.   Use the "full" scan option if it is available.

After the antivirus scan, restart your computer and try to use it as usual.  Keep an eye on it for any unexpected or unwanted behaviors. If that warning window keeps popping up, then the program is still there and you'll need to call someone like me to come and clear it out.  

Note please, that if you did click on the scareware window and then followed the steps to purchase the offered software, the outlook is not great. You can try to search Google for ways to fix the problem, but you'll probably need to call a local computer pro to help you get rid of it.