ANOTHER DAY AND ANOTHER ATTEMPT TO COMPROMISE YOUR COMPUTER?
This is why you cannot trust any message from any organization and/or individual …
In the past 24 hours, I have received a number of legitimate-looking e-mails from banks, internet service providers, e-mail hosting companies, and companies all claiming that I was entitled to some form of free money. Many required me to respond with my personal information and/or banking details. Some requested a relatively small processing charge to unlock my megabucks windfall bonus. Personally, I think they would have been more credible soliciting a bribe for an elected official rather than asking for a processing charge. And some just relied on your curiosity (and/or greed) to get you to click on an attachment that would initiate an attack on your computer.
The message …
From: ALERT
Sent: Friday, March 28, 2014 3:28 PM
To: undisclosed-recipients:
Subject: Payment Notification
Your urgent response is needed to the payment notification attached to you. Kindly read and feed us back with your observation.
Clickable File Attachment: Payment Receipt
What was contained in the file attachment …
__________ ESET Smart Security warning, version of virus signature database 9609 (20140328) __________
Warning, ESET Smart Security found the following threats in the message:
Payment Receipt.scr - a variant of Win32/Injector.Autoit.AJS trojan - deleted
Payment Receipt.scr > UPX v13_m8 - a variant of Win32/Injector.Autoit.AJS trojan - was a part of the deleted object
Payment Receipt.scr > UPX v13_m8 > AUTOIT > script.bin - a variant of Win32/Injector.Autoit.AJS trojan - was a part of the deleted object
Payment Receipt.scr > AUTOIT - is OK
What is AutoIt?
AutoIt is Microsoft’s free automation language for Windows and creates script-like (think macros) commands that can be used to automate Windows functions. It can also be used to create malware that delivers payloads that can compromise your system and steal your data. Before you research any virus, be advised that Google (or any other search engine) can lead to pages that will infect your computer.
Autoit.ajs is a trojan that searches for and steals passwords saved for certain Windows services. It terminates running security processes and tools, leaving your computer vulnerable to other malware attacks.
The file payload extension is “.scr” (System Configuration Repository) and is only readable by the Windows operating system.
Bottom line – BEFORE you push that button …
Here are some of the best practices you might consider:
- Always maintain a reliable backup of critical information – especially non-executable data files (you can always reinstall the original program)
- Install and maintain an effective anti-virus/anti-malware solution.
- Update and patch all programs as soon as practical.
- Do not open any attachments unless you are absolutely sure that they are benign.
- Do not store passwords in Windows programs for convenience.
- Separate your professional and personal activities.
- Avoid porno, sports, and celebrity sites.
- Avoid networked drives and computers.
You may wish to go beyond these provisions by:
- Reading all e-mails in a text format and disallowing all attachments.
- Using a designated “user” account without “administrator” privileges.
- Disabling known malware vectors associated with Adobe Flash and Microsoft Silverlight.
- Turning off all third-party toolbars and browser helper objects.
- Virtualizing your machine to allow for fast recovery in case of infection or other compromise.
- Testing new programs in a virtual “sandbox”
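The attachment advice above can be applied mechanically before a message ever reaches an inbox. The Python below is an added example, not code from the original post or from ESET: it flags attachments by extension, by PE executable content, and by the default UPX section names seen in the scan report. The function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import struct
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePath

# Extensions Windows treats as runnable programs or scripts (illustrative, not exhaustive).
RISKY_EXT = {".scr", ".exe", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}

def pe_section_names(data):
    """Return the section names if data parses as a PE image, else None."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    pe = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew: offset of the PE header
    if data[pe:pe + 4] != b"PE\0\0" or len(data) < pe + 24:
        return None
    _, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe + 4)
    table = pe + 24 + opt_size  # section table follows the optional header
    raw = [data[table + 40 * i:table + 40 * i + 8] for i in range(nsect)]
    return [n.rstrip(b"\0").decode("ascii", "replace") for n in raw if n]

def triage(raw_message):
    """Map each attachment filename to the reasons it should be quarantined."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        sections = pe_section_names(part.get_payload(decode=True) or b"")
        reasons = ["executable extension"] if PurePath(name).suffix.lower() in RISKY_EXT else []
        if sections is not None:  # content check still fires if the file was renamed
            reasons.append("PE executable content")
            if any(s.startswith("UPX") for s in sections):
                reasons.append("UPX-packed")
        report[name] = reasons
    return report

def sample_message():
    """Constructed sample: an inert, header-only PE stub, not real malware."""
    stub = b"MZ" + bytes(58) + struct.pack("<I", 64)  # DOS header, e_lfanew = 64
    stub += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0)  # 2 sections
    stub += b"".join(n.ljust(40, b"\0") for n in (b"UPX0", b"UPX1"))
    msg = EmailMessage()
    msg.set_content("Kindly read the attached.")
    msg.add_attachment(stub, maintype="application", subtype="octet-stream",
                       filename="Payment Receipt.scr")
    msg.add_attachment("meeting at 10", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(sample_message()))
```

Section names can be changed, so the UPX finding is only a hint; the extension and PE-content findings are the ones that justify quarantining the attachment.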
If you do not know what these measures are or do not want to be involved with security issues, limit your activities. And while it sometimes becomes tedious, you may wish to visit Steve Gibson’s GRC (Gibson Research Corporation) at https://www.grc.com/securitynow.htm and check out Steve Gibson and Leo Laporte talking about various security issues.
BE AWARE AND BE SAFE …
-- steve