Got this from our security team today

superdave1984

superdave1984

Repeat Offender
Messages
1,986
Location
KY
I think it's from Yahoo, but if this is legit it's a really bad dog.

"Careto" is the name of "a sophisticated suite of tools for compromising computers and collecting a wealth of information from them," reports The Washington Post.
This malware is frighteningly sophisticated, and we don't know who created it

Here's how it works.

It sends out emails designed to look as though they were sent legitimately from news sources like The Guardian and others. A population of people end up clicking on a link that takes them to a shady site that scans their computer for vulnerabilities. It works against Windows, OS X and Linux systems, and there may be iOS and Android versions on the way.

Once infected, a computer surrenders pretty much any info the malware wants. It can collect "network traffic, keystrokes, Skype conversations, analyze Wi-Fi traffic, PGP keys, fetch all information from Nokia devices, screen captures and monitor all file operations."

And lest you need a reminder, no one knows where it came from.

If you want to dig into the nitty-gritty of it all, Kaspersky Labs released this extensive report on Careto that gets into a lot of the scarier technical details.
http://www.securelist.com/en/downloads/vlpdfs/unveilingthemask_v1.0.pdf
 
browser and machine security is critical to prevent these attacks. update windows, internet browsers, and other software. lower internet browser security. do not logon to windows as a admin user.
 
office politics said:
browser and machine security is critical to prevent these attacks. update windows, internet browsers, and other software. lower internet browser security. do not logon to windows as a admin user.
Click to expand...


What do you mean by browser security? I've always been a Firefox fan although I'm not certain that's a great option. I avoid internet explorer because of the active x controls. I use malwarebytes for AV and utilize the tools that came with it for registry cleaning and startup speed up. I've noticed I still get a few pop ups. Is there something I should add to my systems to secure them better?


Sent from my iPhone using Tapatalk
 
i do not know firefox too well so I can't comment on it. I had other people tell me its a memory hog. I've started using chrome a while back because i thought it loaded pages faster than IE. I'm liking Chrome less now after I added a number of extensions or plugins to it. It too becomes a memory hog when adding this new stuff. However, I still like to use it for Reddit Enhancement Suite. My default browser is set to IE again. You could goto internet Options > Security and change the security level for certain zones. Higher Security level can prevent the activex control from running. The higher security level may break websites trying to load on your machine. Enabling uAC is another way to prevent bad software from installing on your pc.
 
Like office said, any browser you load with add-ins is going to get bogged down eventually. I just prefer Firefox because of "NoScript". I run that in conjunction with AdBlock-Plus.
 
office politics said:
browser and machine security is critical to prevent these attacks. update windows, internet browsers, and other software. lower internet browser security. do not logon to windows as a admin user.
Click to expand...
More so common sense. IMO if you're not smart enough to realize the email is bogus then maybe you need to learn a lesson (not you, just people in general). That's just how I see it. I can't even count how many times I've looked just at an email subject without clicking and say "ha, BOGUS" and delete it.
 
Yevrag35 said:
Like office said, any browser you load with add-ins is going to get bogged down eventually. I just prefer Firefox because of "NoScript". I run that in conjunction with AdBlock-Plus.
Click to expand...

+1 that's the perfect setup.

Edit: I can't decide if this is better or worse than Cryptolocker. At least with Cryptolocker you know you're infected...
 
Question - since on this subject. If your running the browser on private settings - "incognito" in Chrome, or " private window" in Firefox, and I think there is one in IE as well. Does that automatically prevent scripts, etc. or not?
 
acerinpa said:
Question - since on this subject. If your running the browser on private settings - "incognito" in Chrome, or " private window" in Firefox, and I think there is one in IE as well. Does that automatically prevent scripts, etc. or not?
Click to expand...

Like warpro said, no. Incognito/private browsing just doesn't store cookies/history.

If you want to block scrips, then use what warpro suggested or get NoScript for FireFox. Haven't found an equivalent for Chrome yet.
 
You must log in or register to reply here.

Similar threads

richardwilson
Is it legal to use spy apps and software to monitor our kids or spouses' digital activity?
Replies
3
Views
577
pete.i
P
O
hello & mostly clueless & would appreciate mac security help after trojan attack!
Replies
0
Views
931
once2023
O
T
New here
Replies
1
Views
359
MemRefreshABC
MemRefreshABC
G
How to prevent online applications from getting information about my device
Replies
9
Views
2K
Scissorman
S
R
windows upgrade nightmare (dell laptop from home to pro win11)
Replies
8
Views
1K
camilasaunder89
C
Back
Top Bottom