This is topic BlackWorm deletes user files on Feb. 3rd in forum Books, Films, Food and Culture at Hatrack River Forum.



Posted by human_2.0 (Member # 6006) on :
 
http://isc.sans.org/diary.php?storyid=1067

quote:
Over the last week, "Blackworm" infected more than 700,000 systems as measured using a counter web site used by the worm to track itself. This worm is different and more serious than other worms for a number of reasons. In particular, it will delete a user's files on February 3rd.

 
Posted by quidscribis (Member # 5124) on :
 
Thanks for the info, human. The article says that if your antivirus signatures are updated after January 23rd, then it'll be caught, so it's good to know there's already a cure created. [Smile]

I'm covered, then. Mine updated yesterday.
 
Posted by Goody Scrivener (Member # 6742) on :
 
Wonder what happens if we don't update and just leave the computer completely off on the 3rd...
 
Posted by rivka (Member # 4859) on :
 
quote:
I'm covered, then. Mine updated yesterday.
Ditto! [Smile]
 
Posted by human_2.0 (Member # 6006) on :
 
"Wonder what happens if we don't update and just leave the computer completely off on the 3rd..."

Depends on if the code is:

if ( today == Feb 3rd ) { delete files }

Or if code is:

if ( today >= Feb 3rd ) { delete files }

You could probably find out by making sure you are infected, then setting your clock to Feb 4th. [Wink]
 
Posted by Ela (Member # 1365) on :
 
If I were you, Goody, I would update. Why take a chance?
 
Posted by Kitsune (Member # 8290) on :
 
Uh oh, I don't have any antivirus software.. what if I avoid all email attachments and zip files?
 
Posted by Kwea (Member # 2199) on :
 
You are kidding, right?

Get AntiVir, it's free anti-virus protection....

And then get some sort of free firewall like this one.


You don't have to pay a dime, and it protects it at least a little, which is more than you have now.


Kwea
 
Posted by kojabu (Member # 8042) on :
 
Bah, my antivirus updater hasn't updated in a while. It hates my computer.
 
Posted by quidscribis (Member # 5124) on :
 
Or it could be a sign that you have a virus infection. [Frown]
 
Posted by kojabu (Member # 8042) on :
 
It's program specific though. McAfee worked fine and updated, but Norton didn't.
 
Posted by quidscribis (Member # 5124) on :
 
Ah.

Well, ditch Norton, then.
 
Posted by Alex Johansen (Member # 9090) on :
 
I use only free programs, but I find that most of them are a bit on the shoddy side. I have AVG, and it hardly finds any viruses. Or should I say it pops up a box for every virus it finds, but then it does nothing about them. When I search my computer with AVG it just finds one or two. Antivir is way better, and when it finds a virus during its continuous search, it pops up a box asking me if I want to:

Deny Access
Allow Access
Quarantine
Delete
Allow
Ignore

and a few more options I believe. I use ZoneAlarm, which kind of stinks, but it can cut out all internet access to programs on your computer that want access. I also have Spybot, which is as good as, if not better than Microsoft's Adware/Spyware program, which both help to stop (or allow) changes to certain lines of code in your programs, like your start page, or your start up values. The last program on my list is Adaware, it's not bad, but I haven't updated it in a looooong time, it works the best, or maybe it just doesn't totally delete the viruses (or spyware in this case) it finds. It gets a lot, around 5-20 each search.


Also, I was reading about blackworm from that FAQ by Human

quote:
How would I get infected?
The worm spreads via e-mail attachments or file shares. Once a system in your network is infected, it will try to infect all shared file systems it has access to.

Basically, if you or your co-workers don't use a P2P program you should be fine.
 
Posted by quidscribis (Member # 5124) on :
 
Interesting. We use AVG because it finds more virii than either McAfee or Norton and it works flawlessly for us.
 
Posted by Kwea (Member # 2199) on :
 
I have a Sygate firewall, Spybot, SpywareBlaster, SpamSubtract, RegScrubXP, and AntiVir virus protection.


It works better than the Earthlink firewall and anti-virus stuff....that crashed my computer constantly and messed up my desktop for weeks until I deleted it completely. [Big Grin]
 
Posted by Alex Johansen (Member # 9090) on :
 
I use the free version of AVG, that's probably why.


Post Scriptum: Where do I get spyware blaster and regscrub? Are they good?
 
Posted by quidscribis (Member # 5124) on :
 
Nope, we use the free version of AVG as well.
 
Posted by human_2.0 (Member # 6006) on :
 
At my campus (University of Utah) the IT admins are currently discussing anti-virus software on the mail list and it has been strongly agreed that AVG is the best. AFAIK, there is no diff between the free and commercial one, except that businesses have to pay for the free version, thus making it the commercial version.
 
Posted by human_2.0 (Member # 6006) on :
 
quote:
Originally posted by Kitsune:
Uh oh, I don't have any antivirus software.. what if I avoid all email attachments and zip files?

You can't avoid everything. I'm a Mac user, so I'm not positive on this, but I believe the system will sometimes load stuff behind your back.

I hope you have automatic Windows Update running and you are on top of it. It takes something like 5 minutes for an unpatched Windows computer to get compromised once it is connected to the network.

If you are compromised, then your computer is probably sending spam, sending EVERYTHING you type to some criminal (who is hoping for credit card numbers usually), or it is participating in hurting other companies by attacking their servers.

If you have a camera connected to your computer, someone else may be watching your camera when you least expect it. The funniest story I heard is of a fat guy using his computer and behind him there was a beautiful girl on a bed, and a cracker finally couldn't resist and popped up a message on his screen asking him why he was using the computer...

Computer security isn't an option. You are either protecting yourself, or you are part of a serious problem that is enabling a huge criminal epidemic to do their work.
 
Posted by Papa Moose (Member # 1992) on :
 
quote:
You are either protecting yourself, or you are part of a serious problem that is enabling a huge criminal epidemic to do their work.
That sounds a lot like blaming the victim, and reminds me considerably of the recent discussion concerning clothing choices.

You know, just sayin'.

--Pop
 
Posted by human_2.0 (Member # 6006) on :
 
When one of the best solutions is free and there are geeks hiding under rocks all over to help with installation, I don't see how anyone can excuse not having anti-virus software.

But you are right, I am being harsh. I just wanted to convince Kitsune to install something. Considering she hasn't done so already, I figured it would take more than the normal amount of fear mixed with guilt...

But I do believe that people who don't protect their computers are a problem. I didn't read the clothing thread you are talking about so I don't know what you are referring to. But if it is anything like "skimpy dressed girls are asking to be attacked", I believe the issues are different.

A computer is more like a car IMO. Nobody is going to say that people who don't obey traffic laws and get in wrecks didn't bring it on themselves. And they are a danger to other people who are obeying traffic laws. And that is how I view protecting your computer.
 
Posted by human_2.0 (Member # 6006) on :
 
At least I didn't say "the PC in your home could be part of a complex international terrorist network" [Big Grin]
 
Posted by human_2.0 (Member # 6006) on :
 
And last night I was wondering what was the first virus, and here I find the answer today! The first computer virus is 20 years and 6 days old.
 
Posted by kojabu (Member # 8042) on :
 
Well I got that AntiVir Guard and let it scan while I was at class; it didn't pick up anything. *phew* Now I just hope it'll update itself like a good virus scanner should.
 
Posted by Tinros (Member # 8328) on :
 
What's the point of a virus that gives you forewarning?
 
Posted by human_2.0 (Member # 6006) on :
 
I don't believe it gives warning ("Hey, I'm going to delete your files now"), I believe people who have discovered the virus figured out what it does. Not sure. Just a guess.
 
Posted by human_2.0 (Member # 6006) on :
 
*bump*

quote:
The Blackworm, Nyxem, Blackmal, Mywife ... has started. The official name is CME-24, with information available at:
http://cme.mitre.org/news/index.html#20060124a
This particular virus/malware will permanently corrupt and/or delete files starting February 3, 2006, and the 3rd of every month thereafter. It appears the clock on some machine is incorrect, and files are currently being tampered with.

Microsoft has information available at:
http://www.microsoft.com/technet/security/advisory/904420.mspx
http://www.microsoft.com/security/encyclopedia/details.aspx?Name=Win32/Mywife.E@mm

Additional information is available at:
http://safety.live.com
http://beta.windowsonecare.com/

The bottom line - don't open attachments, even from people you know, unless you are expecting one. Recall, there are viruses out there that propagate the virus to addresses found in an infected machine's address book. Patch, update your antivirus software, retain backup copies of critical documents and software, remove unneeded network shares.


 
Posted by human_2.0 (Member # 6006) on :
 
And this is very interesting. From SANS:

quote:
This is a great opportunity to establish a financial liability precedent for negligence by ISPs and system owners. The ISPs have several days to inform and protect their customers as does every other large network owner such as government agencies, academic institutions and large companies. If you learn of anyone who is damaged by this worm, please connect them with me (paller at sans.org) and we will work together to make sure that ISPs and network owners who are in a position to protect their users understand that not providing such protection will be considered negligence and carry penalties.
The above comment is in response to a UK ISP that is warning its users that they are infected.
 
Posted by human_2.0 (Member # 6006) on :
 
*Bump*

Tomorrow is the day.
 
Posted by Earendil18 (Member # 3180) on :
 
Thanks for the reminder! *downloads AVG*
 
Posted by Teshi (Member # 5024) on :
 
quote:
What's the point of a virus that gives you forewarning?
It doesn't. The virus attacked people whose computer clocks were set wrongly (i.e. ahead).
 
Posted by sweetbaboo (Member # 8845) on :
 
AVG updated! Thanks human 2.0!
 
Posted by dantesparadigm (Member # 8756) on :
 
Question

I have a Mac, so I have nothing to worry about from this worm, but I have no anti-virus protection because I was afraid I'd download a bad one that just ended up slowing down my computer. Do I need one, and if yes which one is ideal for a Mac?

Secondly the first virus was Elk Cloner made in 1982. The funny part is it infected Macs. Not to be contradictory, I was just interested in the same thing and found different info.


<edit> spellchecking after you post doesn't help...

[ February 03, 2006, 06:05 PM: Message edited by: dantesparadigm ]
 
Posted by Morbo (Member # 5309) on :
 
dante, assuming you have a firewall running, if you're worried about CPU load, you could just have an AV prog scan at preset intervals, plus e-mail scanning. Not as secure as running AV constantly, but better than none at all.
 
Posted by human_2.0 (Member # 6006) on :
 
dante,
That is funny about Cloner.

What OS are you running? There are OS 9 viruses so you have to run AV software with it. Although I never got a virus when I used it (probably because I never shared software much).

There are no known OS X viruses. You could spread Windows viruses though in Word documents or email attachments.

There is OS X malware but there are few ways to install stuff without users knowing. Here are the possibilities:

- Weak passwords and services like SSH and FTP. I've known many OS X boxes get cracked by SSH brute force and weak passwords.
- You go to the bathroom and someone sneaks up and installs something. Seriously, inside jobs are common.
- A malicious app could install stuff like the "free screensavers" you see offered for Windows all the time. However, there are no known malicious apps like this for OS X! But I'm amazed how willing people are to download anything. Because of Unix permissions, some say the damage from this type of attack is limited (where Windows is much more vulnerable). True, a non-technical programmer can't do much damage, but savvy programmers can. There is currently a local root exploit in 10.4.4 but I seriously doubt many people actually know how to exploit it.

To sum it up, 1) if you are careful what you download and run, 2) you have strong passwords, and 3) you run no services, then you have little to fear.

And a word about Mac AV software. It often causes more problems than it will protect you from. I was talking to my boss about UPS's the other day. In my experience, they *cause* more power outages than they protect you from! So YMMV.
 
Posted by Ela (Member # 1365) on :
 
MacWorld reviewed antiviral software about a year ago, so you could take a look at that article.

http://www.macworld.com/2005/02/reviews/antivirussoftware/index.php

A lot of Mac users seem to find that antiviral software slows down their system. I personally have never bothered to install an anti-virus program.
 
Posted by Tatiana (Member # 6776) on :
 
Did anyone get hit by this worm?
 
Posted by Goody Scrivener (Member # 6742) on :
 
All the machines in my office are fine. I was honestly more worried about my boss' computers than about my work or home machines. One in particular has yet to get it through his thick skull that you don't download files when you don't know who they're from... but I was able to confirm that both their computers had updated DATs and were scanned yesterday. And neither of them crashed and burned today.

My home computer was running slow yesterday so I did a full shutdown when I went to bed last night (as opposed to just logging off). Again, I know I have current DATs and fresh scans, so I'm not too concerned. And I may be out most of the night with my sister and the kids anyway, so there's a chance I won't reboot till morning, in which case it would be moot for this month.
 
Posted by dantesparadigm (Member # 8756) on :
 
Thanks for the info, everyone.

I think I won't worry about getting anything yet and trust in common sense.
 
Posted by human_2.0 (Member # 6006) on :
 
dante, oh, you will know it when there is a Mac OS X virus. It will be headline news. Every time there is *almost* a sign of Windows-like problems, it hits front pages everywhere. Ok, so the world I live in is a very small Apple dominated world. Anyway. I'm sure I'll post something here!
 


Copyright © 2008 Hatrack River Enterprises Inc. All rights reserved.
Reproduction in whole or in part without permission is prohibited.

