Rant number 888
It's finally happened.
Maybe I've just been lucky, but 4 minutes ago I just got my first pop-up advert on my iPhone.
I searched for 'spectrum games review' and clicked [touched?] on the first link, I think, and up pops an advert for frikkin' 888.com!
Counting the days til the first* iPhone virus checker.
Toby
*please feel free to point out how behind the times I am.
Maybe I've just been lucky, but 4 minutes ago I just got my first pop-up advert on my iPhone.
I searched for 'spectrum games review' and clicked [touched?] on the first link, I think, and up pops an advert for frikkin' 888.com!
Counting the days til the first* iPhone virus checker.
Toby
*please feel free to point out how behind the times I am.
Post edited by Tobo on
Comments
won't happen.
Mainly because it's not necessary because of the way the iphone only runs signed binaries and each is individually sandboxed.
The Anti Virus industry is very annoyed about it. There's no way to pull their usual trick for extracting protection money on the iphone platform. :smile:
OK
http://www.theregister.co.uk/2009/12/22/iphone_worm_analysis/
I've just spent the last 3 hours putting my computer right after one of those malware masquerading as virus checker software popped through my defenses.
At first there was a blank square on my little sys tray which didn't go away but nothing happened at first so I ignored it. A little while later my computer starts running quite slowly and the hardrive's going beserk, then I noticed a little white shield appear where the blank square had been a few hours earlier. Then I get the whole your system is under attack bumph popping up in one of those little balloons that annoyingly pop up every now and then.
So I try running spybot, and it tells me I can't run it cos' it's infected so I right clicked on the anti-virus thing and got what properties I could from it to try and find where it had stashed itself. Obviously not that good of a virus as it gave up it's location. It seems to create a hidden folder called "Kaka". So I go digging around looking for "Kaka" I can't use any of the find/search tools because apparently their .dll files were "infected". So I went digging manually, low and behold when I find it it's called Laptopantivirus or some equally weak name like that. Well obviously I couldn't delete it cos' I didn't have permission, so I thought right I'll google it and see how to deal with it.
But no it started throwing up a well ropey looking google styled splash screen telling me google was an unsafe site and I needed to install anti-virus software. So for a laugh I checked WOS same bumph.
Basically task manager and msconfig were apparently infected as well, and it wouldn't let me turn off so I pulled the plug. I figured if I did that it's settings would be lost anyway, it kinda so when it starts up again I can't get back online, and low and behold the anti virus pops up again. so after faffing around for another few minutes I tried a really cheap trick. I figured spybot is queued up to run first so I pulled the plug and the second spybot popped into the tray on reboot I ran it, it worked so I scanned and got rid of a load of crap that this antivirus thingy had probably opened the gate for. Anyway long story short Spybot throws up about 4 million registry changes so I denied them all but the last one was a change to some driver software something to do with a user bar or a help tab, and the deny change button was greyed out. This must've been the phony antivirus' swansong because I got rid of the bastard but it took my internet connection with it.
So after arsing around again for a while trying to get it working I gave up and did a system restore (which said bogus anti-virus software wouldn't allow me to do either).
First virus/malware that's got me in over 5 years, funnily enough the last one was on my old PC back home and was a primitive version of this crap, the not so menacing Security i-Guard (which was a piece of piss to get rid of compared to this one) :lol:
now running a linux computer that has never crashed or been infected with anything....
You be surprised how many seemingly harmless sites unbeknownst to its developers carry viruses and malware. Commonly they seem to arrive with the interactive banner ads that might be flash or the like.
format the hard drive and restore it from the latest back up image! :p
ten minute job, luvvly jubbly :-)
Well I've had no trouble yet, but I got curious, so I read up on it. It must be a pretty new threat as all the removal guides and info seems to have been uploaded to various techy sites within the last 3 days.
Also all of my sys files I had under suspicion had all been modified on the 22nd or 23rd. I did my system restore to the 22nd the system marker was from around 5AM. I was at work then so I wasn't browsing or anything so that's where I restored it to.
I think I know where the file came from, it's from a rather dodgy games site I go to every now and then, but my blockers are usually enough to keep the pop ups and crap like this at bay, but obviously not this time.