Horrendous Attack!

The friendliest place on the web for anyone with an RV or an interest in RVing!
If you have answers, please help by responding to the unanswered posts.
See posts with no answers
Will, I read you loud and clear. You seem to understand hackers and crackers. You're ahead of me. Can you tell me the intent of the scum-bag that fostered this attack? What was his goal? Why? What did he expect to accomplish? Did he accompliish that? If this puts money in his pocket, from where? Who benefits, and by what?

Do these questions make sense? Or am I just a dying dinosaur?  ::)

Thank you, in advance.

Ray D  ???
 
Ray D said:
CujoQuarrel asks,
Not really, but I'll do the best I can.

........

Dani had tried to click out of the mess, never having experienced anything like that, before. She uses her compute for communication - E-Mail - mutual assistanace groups - some writing. She is no computer expert, barely beginner computer litterate. (She has had computers for 7 or 8 years.)

........

Sorry, not capable of describing it "delicately."
Click to expand...

Ok. It wasn't what I was thinking it was, the infamous "goatsee". Trust me. Don't look up the term.

Trust me.

And don't say I didn't warn you on that one.

ME

 
Ray D said:
Will, I read you loud and clear. You seem to understand hackers and crackers. You're ahead of me. Can you tell me the intent of the scum-bag that fostered this attack? What was his goal? Why? What did he expect to accomplish? Did he accompliish that? If this puts money in his pocket, from where? Who benefits, and by what?

Do these questions make sense? Or am I just a dying dinosaur?  ::)

Thank you, in advance.

Ray D  ???
Click to expand...

Why do people go around hitting mail boxes with baseball bats?

Some people are just a**h***s.

ME
 
Ray,

Most of the folks who maliciously exploit weaknesses in software and computer security simply see it as an irresistible challenge, something they have to do just to prove to themselves and others that it can be done. Although a small number do it to seek financial gain, for most it's just some kind of strange thrill ride that neither you nor I will understand.
 
Will said:
Well, considering the format of this attack, the type of "common sense" to protect against this type of attack is not so common.  Most people have never seen the Task Manager, let alone know how to use it.  This type of attack uses banner ads placed on LEGITIMATE web sites by marketing agencies who sell ad space.  You could pick this up by viewing ANY of the web sites you view every day.  This is why the problem is so wide spread.  It then runs a flash script that exploits a well-know, but as of yet unfixed, vulnerability in Internet Explorer.  I guarantee you that the Firefox developers have already released some type of patch for Firefox and Netscape to prevent similar attacks.

Internet Explorer is a poor choice for a browser because of Microsoft's poor attention to security vulnerability, combined with its extremely high profile, making it an easy target for crackers.

The article posted above shows that even Mac users were minimally affected, but were protected out of simply not being in the target of the attack.

The trouble with the "common sense" security is that it is more akin to living in blissful denial.  ALL computers connected to the internet are potential targets for hackers, and any one of them at any time could be infected.  The majority of computers I see in use by individuals have been infected by more than one virus and spyware program before they even take notice.  Case in point: I reformatted my hard-drive a year ago.  Reinstalled Windows, and the first and only thing I did with it was go to AVG's secure website to download a new copy of the antivirus.  I did nothing else while the program downloaded.  In 3 minutes, the file had downloaded, but I was unable to install it as my machine was already infected with a virus.  3 Minutes is all it took for a fresh machine to be infected, and I had done NOTHING online.

Norton, while bloated and busy, is better than nothing at all.  I prefer AVG, it works well enough and is free.  You sill need anti-spyware and a firewall too.  You just can't go without these things these days.  Even these things, though, will not fully protect your computer like avoiding being a part of the target audience, being the 85% of computer users who use Internet Explorer exclusively.
Click to expand...

What he said.

For people playing these pranks they'll go for the widest distribution of their malware. So there is "safety in obscurity". Almost all of these attack the vulnerabilities known in the most popular browser in the most popular OS (Internet Explorer on Windows). It's pretty much not worth their time to go after OS/Browsers with little market share, where would be the fun in that. You need to change at least one of these variables. If you are on Windows --- STOP USING IE ---. It is a poor browser to begin with , doesn't have anywhere near the features of the other browsers and is totally unsafe. Switch to Firefox or Opera. They work pretty much the same, have better advanced features and are much safer. If you can switch to Apple or Linux even better.

Let's face it most of these so called 'hackers' don't know what they are doing, they're using tools other people wrote and just filling in a few blanks. They think of it like a practical joke.

BTW. I hate practical jokes.

I'd really like to see people give Linux a try (I know, I know,  I keep harping on this). It's free. It's safe. You can run it alternately with your current OS. You can try it without changing a thing on your computer by using a boot from CD live version. You won't need a firewall or a spyware scanner or a virus scanner or any of the other tools you have to have with Windos.

And if you want to install it all you need is a little hard drive space , say 4 to 6 gigs and you're fine.

I'd really like to see people who are not computer scientests give it a shot just to get their impressions.







 
There is a new product out Girsoft is "parternering" with a company that makes a "Link Scanner" this pre-scans web pages for this type of .... Refuse... (politest term I could find) and refuses it.  Or so it says.  Don't know yet how it will affect computer performance as.. Well, Step one is do a full back up, THEN install the new anti-malware, then.. Well you get the picture,

Actually step one is download

I did download yesterday, Will do backup today or tomorrow and have a report sometime next week I hope.
 
It looks like those of us using AVG Free will have access to Linkscanner. 8)
 
Tom said:
Do you have a recommended distro of Linux?
Click to expand...

I like Ubuntu for pretty much the same reason people come to this board. It has a great big friendly user base.

For those of you that know what the word 'distro' is, it means a flavor of Linux. The main guts are the same but things like the window manager (in the windows world there is only one manager, explorer.exe) and what default software packages are included change. Some distros are narrowly focused at a particular target like running on old hardware, running from a USB key (yep it's possible), being a PVR like home entertainment center etc.

If you'd like to see a collection of distros try the site www.distrowatch.com.

The home page for Ubuntu is  http://www.ubuntu.com/.

If you want to give it a look WITH ABSOLUTELY NO RISK download the CD. You can boot on the CD and try it out to see how it works on your hardware and it won't make any changes to your  machine. Running from the CD is much slower than running from the harddrive like you are use to.

Dual booting (having both windows and linux) on the same computer is easy to set up. I did that on this laptop for a while till I realized I hadn't booted the windows partition in over 6 months and that was only to let a guy access our network to burn a DVD so I just turned the windows partition into a data partition.

And if you have a good graphics card the 'eye candy' now on the newer distros put Vista to shame......
[edit]Activated links.[/edit]

 
CujoQuarrel, I didn't follow your advice. I looked!

Yep, that's them!

What a nightmare!!!

For others, CujoQuarrel gave good advice.  ::) Save yourself some grief. Goatse is a loose association of extreme Santanists, some/many of whom, apparently are crackers, and are urged to create mayhem on the www, for the sake of the mayhem. It is, also, tightly associated with violent pornography and extraordinary self mutilation.  :mad:

Nothing there that anyone here would benefit from or enjoy.

I have a better understanding. Seen more of that than I want, in police work. Not meant to be understood, so it can't be.  :-\  ::)

Ray D  :-\
 
Thanks for the info and links. I've had Linux on one of my notebooks for a while, with the intent of becoming familiar/comfortable with it and eventually dumping the boys in Redmond, WA when I have all the apps I need. Can't recall which distro it is though.
 
Or if someone wants to ease the transition to Linux, Kubuntu has the KDE interface which is more Windows-like than Gnome, the default on Ubuntu.  I like the Ubuntu based distros, myself.  I would avoid Linspire and Freespire.
 
Ray some of the common sense surfing I am referring to are: Never click on a link that you are not sure of.  Never click on a pop up ad or any ad for that matter.

As for browsers I tried Firefox a couple times and have Even loaded it to evaluate problems others were having.  Never liked it.  I do use iRider which I much prefer over Firefox even though it cost a few bucks over the free Firefox.  Yes I am aware it is based on I.E engine.  But with common sense surfing, AVG, and Peerguardian I have never had an attack. 
 
Ray D said:
Will, I read you loud and clear. You seem to understand hackers and crackers. You're ahead of me. Can you tell me the intent of the scum-bag that fostered this attack? What was his goal? Why? What did he expect to accomplish? Did he accompliish that? If this puts money in his pocket, from where? Who benefits, and by what?

Do these questions make sense? Or am I just a dying dinosaur?  ::)

Thank you, in advance.

Ray D  ???
Click to expand...

Sorry about the delay, been busy with exams.
The fact that the cracker was able to execute his script on your computer at all means he at least accomplished one objective, to annoy you.  This same type of attack has many variations.  Your variation appears to be mainly to disturb and inconvenience you, in addition to try to  get you to download and install their software (not for free of course), presumably to get you to pay to keep the malware, which they are responsible for, away.  Sort of like a modern day mob and "protection money." 

By refusing to install the program, though, you denied him his pay and thusly thwarted his money making efforts.  Congratulations.

Most forms of computer attacks come with one of three goals: identity theft, money scams, and making your computer into a Pawn for their Bigger conquests.  You got the money scam.  The Identity theft types, though varying in severity from simple IP logging to dangerous key logging, are much more common and can be difficult to detect without scanning with respectable spyware scanners.  Other Malware allows hackers to use your computer, without your knowlege or permission, to send out spam emails or attack larger institutions.  Using this, Hackers were nearly able to halt the internet a few years back by using zombified pawn computers to attack the 13 central DNS servers.
 
You must log in or register to reply here.

Latest posts

Members online

Total: 1,133 (members: 27, guests: 1,106)

Forum statistics

Threads
131,930
Posts
1,387,710
Members
137,681
Latest member
skidsteerpilot
Back
Top Bottom