 |  |
| |
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows 7. The Windows 7 forum also covers news and updates and has an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.
Windows 7 - New Worm Leading to Rogue AV Is Spreading on Twitter
| |
| 01-22-2011 | #1 |
| | New Worm Leading to Rogue AV Is Spreading on Twitter Quote: Security researchers from Kaspersky Lab warn that a new worm rapidly spreading on Twitter spams rogue goo.gl URLs that direct users to fake antivirus distribution sites. The spammed links take users through a series of redirects until landing them on an obfuscated scareware attack page. According to Kaspersky Lab's Nicolas Brulez, the obfuscation is based on a JavaScript implementation of the RSA encryption algorithm. "RSA is used as an obfuscation technique more frequently than any other, since the private key is available in the JavaScript page. The modulus 'N' seems to be 26 bits in length most of the time, which is ridiculously small," the researcher notes. The fake AV variant served in this attack is called "Security Shield" and one interesting aspect about it is that its graphical user interface is localized depending on the language of the operating system. |
My System Specs |
| 01-22-2011 | #2 |
| | This is why I don't let stuff from the internet do system scans of my system. This is where you also need to know what your system is doing as well as its health. If I run into a page that tells me I have a virus or my system appears to be faulty, I close that page immediately as I know it's a fake because I know where my system is. If I have doubts, I don't my own scans/diagnoses using my own tools or those provided by Windows. In short if you know your system and know what it's doing these fakes are easy to spot. |
| My System Specs |
| 01-22-2011 | #3 |
| | Of course.  Not everyone has our knowledge, discipline or experience. {Often negative experiences are the best "teachers."} |
| My System Specs |
| . |
| |
| 01-22-2011 | #4 |
| | 
Quote: Originally Posted by JMH  {Often negative experiences are the best "teachers."}  |
| My System Specs |
| 01-22-2011 | #5 |
| | Scan finished. 9 out of 19 scanners reported malware - MD5: bae499fc5844d814f942e870900c9d57 - pack.exe - Jotti's malware scan  |
| My System Specs |
| 01-22-2011 | #6 |
| | I'm sorry but I’m a little reluctant to click that link. What is it? - virusscan.jotti.org Looks like a scan website to me.... something to which I said I avoid. Thanks. |
| My System Specs |
| 01-22-2011 | #7 |
| | Belt & braces there Andrew?  Tis best to be wary. |
| My System Specs |
| 01-22-2011 | #8 |
| |  Can never be too careful I'm adventurous but.... |
| My System Specs |
| 01-22-2011 | #9 |
| |
Quote: Originally Posted by sygnus21 I'm sorry but I’m a little reluctant to click that link. What is it? - virusscan.jotti.org Looks like a scan website to me.... something to which I said I avoid. Thanks. And what do you mean by "avoid". Do you advise to avoid VT as well and why? |
| My System Specs |
| 01-22-2011 | #10 |
| | I actually just removed this from a neighbor's system a couple of days ago, couldn't for the life of me figure out where he picked it up though. ...didn't see twitter in his history. Malwarebytes + safe mode with networking took it right out with latest update though. |
| My System Specs |
 |
New Worm Leading to Rogue AV Is Spreading on Twitter problems?
| Thread Tools | |
| Similar Threads for: New Worm Leading to Rogue AV Is Spreading on Twitter | ||||
| Thread | Forum | |||
| Itunes error leading to brief BSOD | Crashes and Debugging | |||
| New Facebook worm spreading | Security News | |||
| Twitter worm hits goo.gl, redirects to fake anti-virus | Security News | |||
| Clampi virus spreading across UK and US PCs | System Security | |||
| Koobface Worm Comes To Twitter | News | |||
All times are GMT -5. The time now is 09:51 PM.
