xisto Community
Saint_Michael

Five Of The Dirtiest Malware Tricks


I was going through my usual Yahoo security news and I thought I'd post this up and hopefully shed some new light on protecting yourself from malware.

 

Don't mind me--I'm only here to break your PC: It's like sending in a different scout each time to open the gate for the rest of the invaders. The "Glieder Trojan" and many others use a multistage infection process whose first step is a tiny program that the crooks can change constantly so your antivirus watchdog is less likely to recognize it. Once it gets in, the downloader tries to disable your security before pulling down the real payload, which could be a data stealer or anything else the attacker wants.

I find that interesting as it seems that the definition of Trojan has given itself an update in the last few years, since trojans back in the day were mostly used just to get inside the computer system, while viruses and worms would unleash their own payloads. Now it seems malware programmers found a way to combine two technologies into one; I should go duh since I pointed out the obvious to you uber geeks out there but it seems to make more sense now, to me at least.

 

Some Information on the Glieder trojan.

 

Locked and encrypted Web sites? No problem: Web sites can and should use secure socket layer (SSL) to encrypt and protect sensitive data such as bank account log-ins. (When a lock icon appears in the address bar, that indicates the site is using SSL.) But the "Gozi Trojan" and its ilk evade SSL protections by making Windows think they're part of the process, so your data leaves IE and goes through Gozi before it's encrypted and sent out on the network. Instead of spying on your keyboard, which many security programs watch for, these apps roll into the OS as fake layered-service providers (LSPs).

The SpamThru, SpyAgent, and Jowspry Threats


I would assume that keyloggers are in some way connected to this, or a cracker gets in your system and installs a program that sends emails containing the data and stuff. Nonetheless, this trojan would be a dangerous one in the fact that if a user does have this installed and is unaware of it, then someone will be enjoying their account, be that email or online banking.

 

Here is an interesting story about that trojan and the damage it has caused.

 

Malware that scans your PC for malware: An extra antivirus scan can only be a good thing, right? Not when it just gets rid of rivals to the "SpamThru Trojan." This nasty introduced a pirated, pared-down version of Kaspersky AntiVirus (which Kaspersky has since shut down) to delete other malware so it could have the victim PC to itself to use as a spam sender. If the PC had a real antivirus app, SpamThru would attempt to block its updates, preventing it from identifying new threats.

Now this I find interesting: a person would design a false anti-virus program to cover its tracks. I find it interesting that these designers only went after Kaspersky and none of the other anti-virus programs out there. Either way, the programming of this trojan was interesting in that it would delete other malware and then have enough room for its own destruction.

 

Info on this trojan.

 

Equal-opportunity encryption: Encrypting sensitive data and protecting it with a password helps shield it from prying eyes. But the "SpyAgent Trojan" enters the encryption game, too. When installed on a Windows PC with the Encrypting File System (which is included in Windows 2000, XP Pro, 2003 Server, and 2005 Media Center), SpyAgent establishes its own administrator-level user account and uses this account to encrypt its files. You--or your antivirus software--would have to guess the account's random password to decrypt and scan the malicious files to confirm they weren't supposed to be there.

Now this one puzzles me just a bit, but I'll take a wild guess and say that this little program does two things: first, it encrypts itself so it would be impossible to get rid of, and second, it sends that random password to the designer of that trojan so as to enjoy a user's computer.

 

Story on this trojan

 

Hi, firewall. I'm Windows Update. Honest: Firewalls protect computers and networks from bad guys' efforts to go in or out. So the "Jowspry Trojan" masquerades as something known and approved--Windows Update. The crafty malware makes its connections look like the Background Intelligent Transfer Service used by Windows Update, and unsuspecting firewalls let it download more attack programs to your PC.

If I remember correctly, I made a topic about hackers/crackers using something like this in order to bypass the firewalls and enjoy themselves on a user's computer.

 

Story on this trojan

 

Of course the usual answer to help protect from malware is to make sure your computer and anti-virus are updated, don't open suspicious email attachments, etc. etc.
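An added example, not part of the original post or the article it quotes: the Gozi paragraph above describes malware installing itself as a layered service provider (LSP), and a defender can review the Winsock catalog for entries that are layered or load a DLL from outside system32. The listing is constructed, its field layout is assumed to follow `netsh winsock show catalog` output, and the function names are hypothetical.

```python
# Constructed sample; field layout assumed to follow `netsh winsock show catalog`.
SAMPLE = r"""
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001
Protocol Chain Length:              1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Example Helper over [MSAFD Tcpip [TCP/IP]]
Provider Path:                      C:\Users\Public\helper.dll
Catalog Entry ID:                   1015
Protocol Chain Length:              2
"""

TRUSTED_DIR = "%systemroot%\\system32\\"  # where the stock Windows providers live

def parse_catalog(text):
    """Return one dict of fields per '... Provider Entry' block."""
    entries, current = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if "Provider Entry" in line and ":" not in line:
            current = {"_kind": line}          # header line starts a new entry
            entries.append(current)
        elif ":" in line and current is not None:
            key, _, value = line.partition(":")
            current[key.strip()] = value.strip()
    return entries

def review(entries):
    """Return (catalog entry id, reasons) for entries worth a manual look."""
    findings = []
    for e in entries:
        if not e["_kind"].startswith("Winsock Catalog"):
            continue                            # other entry kinds are out of scope
        reasons = []
        if int(e.get("Protocol Chain Length", "1")) != 1:
            reasons.append("layered provider or chain")
        if not e.get("Provider Path", "").lower().startswith(TRUSTED_DIR):
            reasons.append("DLL outside system32")
        if reasons:
            findings.append((e.get("Catalog Entry ID"), reasons))
    return findings

if __name__ == "__main__":
    for entry_id, reasons in review(parse_catalog(SAMPLE)):
        print(entry_id, ", ".join(reasons))
```

A flagged entry is a prompt for review rather than a verdict, since legitimate security and VPN products also register layered providers.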


It's amazing how much viruses have progressed. I remember a story a few months ago about the anniversary of the first virus, how it just started as a little joke, but now it's just amazing the diverse ways you can get a virus. Anything you do, you have to be so careful these days. Unfortunately, we know that it's only going to get worse as time progresses.


Well, I see simple solutions to this: install nice anti-malware software, that is, anti-virus software, and clean your system. And above all, switch to Mozilla Firefox. This will certainly make your computer secure.


Well, I see simple solutions to this: install nice anti-malware software, that is, anti-virus software, and clean your system. And above all, switch to Mozilla Firefox. This will certainly make your computer secure.

Firefox is slow. (Note: this may be my last post; see my profile comment for more info.)


Viruses have progressed, but so has the knowledge of internet users. At first, when you start using the internet, it's easy to get a disease, but with time, as you start to understand good from bad online, the virus risk drops from 98% to, well, I would say 0%. As for me, I have neither an anti-virus nor a firewall tool nor any spyware/malware removal tool. Feel free to hack my un-updated Windows XP and I will congratulate you.

What is a virus? It can be dangerous, but common sense tells you where you can catch a virus. If you go running around naked on a cold and snowy day, or if you cut yourself and don't use some sort of medicine, you will catch a virus. It's the same with computers! If you surf on pages that are in their own meaning scamalicious, like porn sites, warez sites or similar, you DESERVE to get a virus! Those sites are nests filled with all sorts of viruses, and if you don't protect yourself with some sort of medicine you will be infected!

As for a normal user, who knows a few great websites, he doesn't even need tools for protection. So, if you are a sick person visiting all sorts of suspicious porn sites or crack/warez sites, then you'll be even sicker. But if you are normal, then you will not be infected with this "dangerous" thing called a virus.
