Potential ‘big bad botnet’ spreading fast
The ‘Downadup’ worm is spreading quickly and now infects more than 3.5 million PCs, according to the security company F-Secure.
In a blog post on Wednesday, F-Secure put the total number of infected machines at an estimated 3,521,230 — a rise of more than a million machines over the previous day’s tally…
Wow. A million new infections in one day..
Folks, to read the rest of this article (clipped from ZDNet) by David Meyer and Tom Espiner, click here.
[update 1/19/09: over 8 million now. Here’s the latest (and how that number is arrived at), Calculating the Size of the Downadup Outbreak]
Botnets Beheaded
The Web hosting company used by some of the world’s biggest botnets and spammers went dark this week after several of its Internet service providers cut its connections.
As a result, the demise of San Jose, Calif.-based McColo, which has played host to botnet servers and other nefarious activity, has led to a sudden drop in worldwide spam by nearly two-thirds, according to one security firm.
For more, please read this Washington Post article.
[note: while this is, indeed, good news; and the people who did the takedown are to be applauded, the truth is that these guys will probably be back in business again within a week.]
[update: 11/17/08, Michael Kassner at TechRepublic has a good synopsis, and reports that McColo is already back online, in his latest post.]
Botnets hurt Rockies and, poison .pdf’s (updated)
You have to feel sorry for the Colorado Rockies, even if you’re not a fan. After a miraculous run of victories swept them into the World Series, the Red Sox slammed them 13-1 in Game One (ouch!). To add insult to injury, their online ticket sales website crashed (after only 500 tickets were sold) on Monday, which they believe was the result of a cyber-attack; namely a DoS attack launched from a botnet.
“Our website, and ultimately our fans and our organization, were the victim of an external, malicious attack that shut down the system and kept our fans from being able to purchase their World Series tickets,” Keli McGregor, team president, said Monday in a news release.
Very early in the history of Tech–for Everyone I wrote two articles which discuss botnets and how your computer could be a zombie without your knowing it — and a couple of steps you can take to prevent a hacker from using your machine to mail out spam, or launch attacks.
The first I titled “Some basic security pointers #1“, which I always think of by its opening sentence, “is your computer a zombie?”. In it I discuss User Account passwords, what makes a good password, and the hidden Windows Administrator account, and provide a link to a tool that tests the effectiveness of your firewall. (Click the links to view the articles.)
The second article was titled “The FBI and Operation: Bot Roast” which opens by asking the question, “is your computer a threat to national security?” In this article I discussed malware, such as rootkits and trojan horses, and how hackers use these to take control of your machine, and use it for their own, nefarious, purposes. I explained what a botnet is, and I provided a link to the pages on my business website where I list several dozen links to the best free antivirus and anti-spyware tools.
Tip of the day: Read these important articles and get educated about hackers and their evil programs, and then download the tools, and take the preventative steps, and thwart these Evil Doers. It is a fact that your machine can be used to interfere with our economic system and way of living.
Tip of the day #2: Do not open any PDFs you receive via email for a while. (Loyal friends and true will note that this is the first time I’ve posted two tips in one day.)
There is currently making the rounds an exploit that uses a trojan horse embedded in a poisoned .pdf attachment to download malware onto your machine. The exploit uses a vulnerability in code found in IE 7 on Windows XP. Microsoft is aware of this, but has yet to release a patch (through Windows Update).
If you aren’t sure what an “exploit” is, I discussed it in an article titled “These folks had a very bad day“, which discusses exploits and vulnerabilities and how this is the Number One hacker technique for gaining control of your machine. In it I demonstrate how to configure your firewall and Update settings, and provide a link to a website which will scan your machine for unpatched vulnerabilities and help you get updated and protected.
[update 10/30: From Secure Computing–
Ken Dunham, director of global response for iSight Partners, told SCMagazineUS.com today that one of his source’s honeypots received the infected email once every 10 seconds. This indicates “a fairly heavy spamming taking place,” especially for home users in advance of the weekend, he said.
The shadowy Russian internet service provider, Russian Business Network (RBN), is behind the attacks, which attempt to infect users with two rootkits that seek to steal personal and financial information from compromised PCs, Dunham said.
“You have what looks like a PDF attachment,” he said. “It’s actually exploit code designed to download code from a remote server.”
Adobe patched the bug Monday, so those who upgraded to Adobe Reader 8.1.1 and Acrobat 8.1.1 are safe.”]
Today’s free link: By clicking the links to the three articles posted above, and scrolling down to this section of the posts, you will find links to 50+ highly rated free security tools. Please, take advantage of them!
Copyright © 2007 Tech Paul. All rights reserved.
Do you appreciate all the free advice and links to safe and free software I provide six days a week–ad free? Do your friends (and me) a favor and let them know about Tech–for Everyone.
Okay.. Let’s cast a critical eye..
At the bottom of an article about how, for a few bucks, ANY-one can buy a ‘kit’ and make their own Android Ransomware (see, Easy-to-Use Apps Allow Anyone to Create Android Ransomware Within Seconds) we are advised how to ‘stay safe’ from such unhappy things..
How to Protect Your Android Devices from Ransomware Attacks
In order to protect against such threats on mobile devices, you are recommended to:
- Always keep regular backups of your important data.
- Make sure that you run an active anti-virus security suite of tools on your machine.
- Avoid downloading apps from unknown sites and third-party app stores.
- Always pay close attention to the permissions requested by an app, even if it is downloaded from an official app store.
- Do not open any email attachments from unknown sources.
- Finally, browse the Internet safely.
And let’s analyze that advice with our critical eye:
- Always keep regular backups of your important data. Because it’s not a question of if you’ll get screwed, it’s a question of when.
- Make sure that you run an active anti-virus security suite of tools on your machine. No arguments. If it connects to the Internet you NEED this. But KNOW THIS: it’s only a semi-effective shield, NOT bulletproof armor.
- Avoid downloading apps from unknown sites and third-party app stores. Or even regular ‘stores’, as we’ve seen them get ‘poisoned’ already (Google Play Store, recently [see https://thehackernews.com/2017/08/android-ddos-botnet.html]). So let’s just change it to: Do NOT download apps. [edit 9/18: and yet again. See this http://thehackernews.com/2017/09/play-store-malware.html.]
- Always pay close attention to the permissions requested by an app, even if it is downloaded from an official app store. Utterly pointless to advise this. First of all no one will. Second, were ‘average people’ to start doing this, they’d have no clue what all that ‘tech jargon’ means. And 3rd, most apps don’t offer you any choices with ‘Permissions’ – if you want the app, you have to accept the ads and the spying. So let’s just use my #3 as our guide.
- Do not open any email attachments from unknown sources. Um. People who still do this have never read a tech article in their life. So they aren’t seeing this. Those who do (read articles) KNOW email is still a favorite way for the criminals to infect your machine. MY advice? Unless someone you know has told you, “I’m sending you a document”, don’t open it – period.
- Finally, browse the Internet safely. What? Great advice! Only one problem — there is no such thing. ( Um … I guess that translates to “don’t look at pron”?)
- Do not ‘jailbreak’ or ‘root’ your device. (Okay.. so I had to add one.)
* * *
Today’s quotable quote: “Lighten up, just enjoy life, smile more, laugh more, and don’t get so worked up about things.” ~ Kenneth Branagh
Copyright 2007-2017 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<
All we really have, in the end, are our stories.
Make yours great ones. Ones to be proud of.
This is why so few posts..
I see headlines like this everyday.
And nobody seems to care.
LATEST NEWS Nov 29, 2016
- Cyber Attack Knocks Nearly a Million Routers Offline: Mirai Botnet is getting stronger and more notorious each day that passes by. The reason: Insecure Internet-of-things Devices. Last month, the Mirai botnet knocked the entire Internet offline for a few hours, crippling some of the world’s biggest and most popular websites. Now, more than 900,000 …
- San Francisco Metro System Hacked with Ransomware; Resulting in Free Rides: Nothing is immune to being hacked when hackers are motivated. The same proved by hackers on Friday, when more than 2,000 computer systems at San Francisco’s public transit agency were apparently got hacked. San Francisco’s Municipal Transportation Agency, also known as MUNI, offered free rides on …
- Hacker who exposed Steubenville Rape Faces longer Prison term than Rapists: Remember Steubenville High School Rape Case? In 2012, Steubenville (Ohio) high school’s football team players gang-raped an unconscious teenage girl from West Virginia and took photographs of the sexual assault. In December 2012, a member of the hacker collective Anonymous hacked into the …
- Researchers Show How to Steal Tesla Car by Hacking into Owner’s Smartphone: New technology is always a little scary, so are Smart Cars. From GPS system and satellite radio to wireless locks, steering, brakes, and accelerator, today vehicles are more connected to networks than ever, and so they are more hackable than ever. It’s not new for security researchers to hack …
- Beware! Malicious JPG Images on Facebook Messenger Spreading Locky Ransomware: If you receive an image file sent by someone, even your friend, on your Facebook Messenger, LinkedIn or any other social media platform, just DO NOT CLICK ON IT. Even JPG image file could eventually infect your computer with the infamous Locky Ransomware. Earlier this week, we reported a new …
Worse, there’s too many people using computers who’ve never even heard of ‘ransomware’.
Well.. I’ve been pointing to important headlines such as these since 2007. Been doing my part. It’s up to you people to educate your friends and loved ones with the bleak picture. The handwriting’s on the wall, folks.
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
Consider these three..
Folks, put your thinking caps on and consider these three headlines, found in my inbox today.
1) Mirai botnet attackers are trying to knock an entire country offline
2) Hundreds Of Operations Canceled After Malware Hacks Hospitals Systems
3) Google Home review: A promising step towards the future
* * *
Today’s quote: “A state of society where men may not speak their minds cannot long endure.” ~ Winston Churchill
Copyright 2007-2015 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
Excellent Internet Safety How To Tips
Folks,
The folks at Emsisoft have posted a very nice, very informative article – with a Halloween theme, to make it fun – which provides security knowledge I think every web surfer should know. Please read this, and forward it on to your friends and families.. especially the naive, clueless, and careless ones (you know who they are). Pay special heed to Fact #3.
Internet Zombie Defense Training, or: How Not to Become a Bot
Going on the Internet can be like walking through a post-apocalyptic city, where half the people you pass want to eat your brain.
In the post-apocalyptic city, these “people” are called zombies.
On the Internet, these zombies are infected computers, and we call them bots.
Bots and botnets are one of the most fundamental (and frightening) concepts of modern day malware. They are, very literally, networks of infection that allow their masters to hijack thousands of victims’ computing resources, to carry out any number of nefarious deeds or attacks over the Internet, for financial gain.
Don’t want to get bit? Then read below (and aim for the skull).
Fact 1: A group of zombies is much scarier than just one
Imagine going one-on-one with some undead ghoul. Do you hit it in the head, or just run away? Either way, you’re probably going to live to see another day. That’s how it works in the movies, at least. Individual zombies are pretty weak, but, in hordes, they are terrifying.
Strength in numbers applies to botnets as well. With botnet malware, the aim is to infect as many devices as possible. Once infected, devices become linked to a “Command and Control” server, which can issue remote commands.
Fact 2: Zombies like brains
Botnet masters connect their victims to Command and Control servers because botnet masters like brains. The more brain, i.e. computing, power a botnet master has at their disposal, the better. This is because botnets are used to carry out coordinated attacks, which combine the computing resources of thousands of machines. Such attacks have one primary motive: to make money for the botnet master, or for a paying customer who has requested the botnet master’s criminal services.
Fact 3: Zombies are evil
Like zombies, malicious botnets are pure evil. They exist solely to make money by wreaking havoc and destruction on everyone else.
Spambots hijack infected computers’ ability to email, as well as stored contact lists, to send out massive amounts of spam. Spam can be anything from annoying advertisements for sex products and diet pills, to malicious links and attachments that act as the “bite of the bot.” The increasing popularity of social media websites has now also attracted computing’s undead to places like Facebook and Twitter, where compromised profiles can be abused to spread comment spam.
Clickfraud botnets tell infected computers to go to a website and click on ads owned by the botnet master – or a client of the botnet master – making money for criminals AND slowing down your device by consuming RAM.
DDOS attacks tell thousands of infected bots to visit the same website at the exact same time, overloading the targeted site to the point of collapse. These “zombie swarms” are carried out to blackmail successful websites or to (illegally) take down the competition.
Bitcoin mining botnets such as Linkup can turn your PC into a mindless slave that dedicates its resources to creating various forms of cryptocurrency and making someone else rich.
Illegal material download or propagation can be carried out by bot computers without their owner’s knowledge or consent. In this scenario, the infected bot acts as a proxy, so that criminals can be criminals without having to leave evidence on their own device. Instead, the illegal activity – and potentially the blame – is shifted to you.
The ability to steal your financial information or identity usually comes included. “Command and control” means command and control, and, in addition to being used as a weapon, a bot computer can be told to share its stored information or its user’s activity with the botnet master, in numerous ways.
Fact 4: Zombies don’t know that they’re zombies
And if you’re implicated in a botnet, you probably won’t know that your computer has become a bot. Your device will very literally be hijacked and told to perform malicious actions without your consent, behind the scenes.
Fact 5: Zombies like to limp around and drool
Nevertheless, one of the best ways to spot a zombie is its characteristic limp. If your computer becomes a bot, the situation will be much the same. An infected computer is most often a slow computer, as botnet masters’ primary objective is to steal the infecteds’ computing power. Accordingly, if your computer is acting slower than usual, you may be surfing with the undead. To find out, a simple CTRL + ALT + DELETE and a perusal of the Task Manager can be revealing; however, bot detection is not always so simple. Most modern botnet masters make explicit efforts to counteract user detection. It is also important to note that even uninfected PCs carry out a number of important background tasks without explicit user consent, and that disabling these tasks in a fit of botnet paranoia can be just as disabling as actual infection!
Fact 6: Zombies lurk in the shadows
In most zombie-ridden after-worlds, you can spot members of the undead rotting and groaning from a mile away. This is not the case with botnets. Unlike zombies, botnets rely on deception, and they are typically propagated as Trojans or through social engineering. Botnet malware may deliver its payload through a malicious attachment disguised as something it’s not, or via a link to a fake website that surreptitiously initiates a “drive-by” download. Botnet masters may also disguise their creations as what appear to be useful apps – even security apps! – to get users to download and become part of their scheme.
Fact 7: Once you get bitten by a zombie, you are not the same
In many a zombie-flick, it often happens that one of the main characters gets bitten and infected. At this point, there is usually some (very brief) debate over whether or not the once-trusted comrade should be nixed. Typically, a cool headed hero will rise to action and do what needs to be done, much to the hysteria of his or her less rational team mates. “It needed to be done,” the hero will then explain. “He just wasn’t the same.”
With botnets, the situation is quite similar. You may know (and love) your PC or your mobile device with every beat of your digital heart, but once it becomes a bot it is no longer the same. The infected device will have a mind of its own, and it will no longer be that “trusted friend.” Any information you share with it will become accessible to the botnet master, and all that extra computing power you invested in will be consumed, as your device becomes a slave.
If you suspect your computer has become a bot- don’t wait. Contact our experts immediately, before the infection spreads. Zombie assassination is always free to anyone who requests it. Why? Because we like doing it.
Fact 8: Zombies have one big weakness
You’ve got to smash their brains.
With botnets, this doesn’t mean taking a hammer, a bat, a shotgun, or your post-apocalyptic weapon of choice to an infected device – but, it does mean getting inside the head of a botmaster. One need not understand the technical specifics of botnets proper to achieve a solid defense – just like no one really knows how zombies work, technically. For the average user, just knowing that botnets exist is almost enough on its own to avoid infection. From there, it is simply a matter of identifying the most common infection mediums…and not walking around the graveyard after dark.
Always use your brain – Whether it’s a website, an “urgent email,” or a personal message sent through social media, always think before you click – otherwise your machine may be turned into a thoughtless, clicking machine! If you plan to download pirated software or media, you should also know that you will regularly be brushing shoulders with the undead.
Always take care of your weapons – Just like in the movies, it’s you against the somnambulant horde. The leaner, the faster, and the more efficient your weapons (i.e., software and applications) can be, the lower the odds you’ll get turned into a walker. Botnet masters specifically design their creations to exploit known weaknesses in popular software, so as to infect as many devices at once as possible. Avoiding infection is often as simple as enabling auto-updates on all of your main applications, and flat out discarding those programs you do not use so that you don’t have to worry about vulnerabilities. As an added benefit, this practice will increase the overall performance of your machine.
Always travel in a group – Fact #1 applies to the good guys too. Zombie slayers and botnet bruisers are strongest in groups. If you notice a strange background task operating on your PC, you should Google it and see what other people have to say. For specific files, you can also use Emsisoft’s isthisfilesafe.com.
Today’s quote: “I actually think that the most efficacious way of making a difference is to lead by example, and doing random acts of kindness is setting a very good example of how to behave in the world.” ~ Misha Collins
Copyright 2007-2014 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.
And please, never forget – one person can make a difference.
Find a way to make someone’s day today.
(Best advice I ever heard? Don’t sweat the small stuff.)