Hunter's Malware Blog


Wednesday, 20 February 2013

Spotlight On Malware: The Melissa Virus

Posted on 17:35 by Unknown
Some of those reading may already know, but today, February 21st, is the birthday of a friend of mine: +Melissa Coast. So, as something that I hope she finds interesting when she reads this, I am going to talk about a macro virus from 1999 that shares her first name. So, +Melissa Coast, if you are reading this, Happy Birthday, and I hope you enjoy reading about a virus that shares your name. It may seem a bit offensive for me to talk about that, but remember that this is what I do best and it is not meant to be offensive in any way.

Now to the virus: Melissa (the virus) is a mass-mailing macro virus, that is, a virus that can hide in the macros of documents. Some of you may already be thinking: "that sounds more like a worm than a virus." If you are, then leave a comment below for some brownie points, because under normal circumstances that is what it would be. But because Melissa is not a standalone program, it is not a worm. Melissa can spread on Microsoft Office 1997 and 2000. It can also spread on Excel 97, 2000, and 03. It can mass mail itself using Outlook 97 and 98. If a Word document containing the virus is opened, it mass mails itself to the first 50 contacts in your Outlook address book. This virus also deletes Excel files after making backup copies to a remote drive and demands a payment of $100 into an offshore bank account in exchange for the files. A more destructive version of the virus deletes all data from a variety of destinations, including the C drive. Once finished deleting your files, the computer beeps three times and you get a message from the virus: "Hint: Get Norton 2000 not McAfee 4.02."

The least destructive version arrives in a document that is blank. At 10:00 AM and 10:00 PM on the 10th of every month, the virus adds the following text to the document: "Worm! Let's We Enjoy." Ironically the writer of this virus served 10 years in prison for his crime once he was found.

So, what do you readers think? Like it? Hate it? Sound off in the comments below. Again, Happy Birthday +Melissa Coast. Knowing you, you likely wanted to spend your day reading. In which case, I am sorry that this has prevented you from doing so in the time it takes to read this.
Posted in Spotlight On Malware, Windows | No comments

Wednesday, 13 February 2013

Spotlight on Malware: ILOVEYOU (the worm)

Posted on 19:06 by Unknown
To all the readers on this fine February 14th, Happy Valentine's Day. To celebrate, let's look at a worm that has the name ILOVEYOU.

The worm called ILOVEYOU, also called loveletter, arrived as an email attachment in 2000. This virus caused over 5.5 billion dollars in damage to business, the military, and to normal users. As a worm, it is infamous for not only causing that much damage, but also for the high number of modifications that could be made to it. Once a computer is infected, the worm overwrites files that have certain filenames. With a bit of programming knowledge, someone could make this worm more destructive by choosing to overwrite critical system files. If this is done, it makes your computer about as useful as a paperweight. It comes as an attachment claiming to be a text file from someone in your contacts, and the email claims that the "text file" is a letter professing the love of the sender to you. So you would likely trust this, and you would wonder why your friend was professing his or her love to you. This is where both the names came from: the message title says ILOVEYOU, and the email claims that the file is a love letter. It is estimated that no business escaped the infectious charms of ILOVEYOU. If you are a victim, the virus spreads by mass mailing your email contacts the exact file that you thought was a love letter. And you were left cold, alone, and ashamed. *Tilts face down as if ashamed*

The email body said: "kindly check the attached love letter coming from me." So kindly comment below with any questions or comments and you may kindly get a response coming from me. *Smiles*
Posted in Spotlight On Malware, Windows | No comments

Saturday, 9 February 2013

Spotlight On Malware: Mac Defender

Posted on 18:29 by Unknown
Before we jump right in here, did you read my blog post about the fact that Macs can get viruses? Because if not, now would be a good time to do so.


Got it? Good.

Mac Defender (also known as Mac Protector, Mac Security, Mac Guard, and Mac Shield) is a rogue antivirus program that can be installed by unwitting Mac users. This rogue was the first big malware attack to hit the Mac operating system, even though it did not damage any part of the operating system. Users typically encountered the program when clicking on an image found on a search engine. It appears as a pop-up informing you that "viruses" have been detected on your computer and suggests that you download a program which, if installed, provides your personal information to the writers of the rogue. Apple provided removal instructions for the rogue on May 24th 2011 which can be found here.

Thanks for reading. If you have a question, by all means, comment away.
Posted in Macs, Spotlight On Malware | No comments

Tuesday, 5 February 2013

1,000 pageview celebration: NavaShield

Posted on 14:51 by Unknown
Alright, as you might have heard, I got my 1,000th pageview yesterday. I am really impressed that quite a few people are interested in this. But I am questioning why this is so interesting to you all. But I will keep writing blog posts, and we will just keep going on. Also, I would like to add that I have a nice spotlight on malware post coming up in two weeks, give or take about two days. So stay tuned.

Now for the actual post: In 2010, one of the meanest rogue antivirus programs I have ever seen shot up overnight. Its name was NavaShield. And this rogue was hardcore right from the start. The installer: 53 MB (very big for an installer). Once NavaShield was installed, it wanted to be registered. So you could enter a product key, or you could ask the program to generate its own key that let you try the program for a week. At that point, NavaShield told you that everything was protected, and the user interface was green and looked kind of friendly. But after a week, NavaShield got mean. It asked to be registered, which of course required you to buy it. If you did not do so, it got real mean, real fast. What it did was play some sound through your speakers, and it started to "white-out" your desktop. If you wanted to stop it via Task Manager, Task Manager was blocked by it. If you tried to open a program, it just got knocked down. And if you tried to restart (good luck), it would come up again after a few minutes. Thankfully for those infected, it did not run in Safe Mode, and after a while the people that research these rogues had product keys ready. The product key stopped the rogue and allowed you to remove it.

Thanks For 1,000 pageviews guys, I really appreciate it. I'm going to be making more blog posts and then posting them on a schedule. Thank You, now go get on with your day or comment below.
Posted in Windows | No comments

Sunday, 3 February 2013

Yes, Macs do get viruses.

Posted on 09:04 by Unknown
Before we get started here, I just want to say that I have nothing against Apple. I am not on a Microsoft payroll and there is actually a Mac in my home, I love Apple products and proudly use them.

Now for the actual content of this post: "Macs don't get viruses." How many times have you heard that? You might even believe so yourself. If so, sorry to burst your bubble, but Macs do get viruses. This post will provide proof that debunks the myth that has evolved from the fact that Macs are immune to Windows malware. We were led to believe that Macs do not get viruses. I know, because I did not know the truth myself until very recently.

The first big attack on Macs by malware was Mac Defender, first detected in May of 2011. This was a fake antivirus program that also went by the names Mac Protector, Mac Shield, Mac Guard, and Mac Security. The program "scans" your computer and comes back with a large number of "infections" that it then demands you pay for the removal of. The infections are not real and this program was really only designed to scare the user into paying for the "antivirus" so that the "threats" can be removed. It is not known how many Macs got infected with this (It's an illegal business, don't expect people to keep score.) But based on the number of calls to Apple's customer service hotline, the infections were likely in the tens of thousands. Apple representatives were told not to instruct customers on the removal of Mac Defender so that Apple would not confuse customers into believing that Apple could help them remove all malware in the future. Until May 31st, when a patch was released, Mac users got little help from Apple on removing this threat. For those that still hang on the myth that Macs don't get viruses, read this. Why would Apple make an update if Mac Defender was not a big problem? This rogue antivirus program blew a large hole in the myth that Macs don't get viruses.


But another piece of malware blew an even bigger hole in it. The Flashback Trojan, detected in September 2011, infected hundreds of thousands of Macs. This Trojan attempts to make the user believe that it is an update to Flash player (That's why the name of the Trojan is Flashback.) If the "update" is installed, the infected Mac becomes a part of the largest botnet of Macs ever made. This time Apple did not release a fix until April of 2012. This large amount of time can be excused because Flashback did not become an issue until late March of 2012.

So, now that we know better, what are we going to do about it? Well, we can keep our Macs updated, but there seems to be a lag between the bad guys putting something out and Apple patching the OS. The lag is noticeable and slow enough so that if you are a heavy internet surfer, these updates just might not be quick enough or good enough. For that there is one of my favorite antimalware products for Macs. Intego Mac Internet Security 2013 helps protect your Mac from emerging threats, and updates come often to stop the latest malware. It also detects Windows malware so you do not spread anything to your friends that use Windows. For some users, it may seem a bit pricey. But you bought a Mac for a reason, so why not protect your investment? This is the bare minimum protection that Macs should have in my opinion; if you need more protection, you've got it right here.

That wraps it up for my first blog post about Macs. Like it? Hate it? Let me know in the comments, that's what the comment form is there for.
Posted in Macs | No comments

Friday, 1 February 2013

Malware Countermeasures

Posted on 20:47 by Unknown
OK, now that we know the types of malware, what are we going to do about it? For that, I provide the top 3 things you can do to prevent infection.

1. Use Antivirus Software. 

One of the best things that can be done is to get good antivirus software and keep it updated. A lot of people have antivirus software, but some do not keep it updated. They say: "I will update it when I need it." This is akin to: "I will enable my airbag when I need it." Does this sound smart to you? Some estimates say that at least 100 unique viruses are sent out in the wild every day. Do I have your attention? Good, because antivirus software that is kept up to date can keep you from becoming a statistic. If you would like a recommendation for antivirus software, drop me a line in the comments with a basic description of what you do online.

2. Use Antimalware Software.

To all the parents out there: If your child is sick, say running a 103 fever, and the doctor you take them to says that they are fine, would you want a second opinion? Antimalware software works the same way: it detects most of what your regular antivirus cannot. Because after all, no antivirus can detect 100% of all malware. My antimalware of choice is Malwarebytes Antimalware. It is fast, it is robust, and it does not slow down your computer. You can find it here.

3. Common Sense. 

Did you think the last one was going to be complicated? Yeah, what now? Believe it or not, this can help you with what your antivirus and your antimalware cannot, avoiding threats before they become a problem. The websites you would not expect to be infected often do get infected for the very reasons you would not think it would get infected. But still, the infections on websites you would expect to be infected should be avoided. If you get a "document" from a friend that has an .exe (executable) file name, does that sound like a document to you? And going to unsavory websites can get you infected, so just avoid them. Remember that on the internet, if you are thinking with your other head, or not paying attention to what you are doing, you are a big target.
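
The question in point 3 (does a "document" ending in .exe sound like a document?) is the same disguise ILOVEYOU used when it claimed to be a text file, and a mail filter can ask it automatically. The Python sketch below is an added example, not part of the original post; the extension lists, filenames, addresses and sample message are all constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed lists for illustration; not exhaustive.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "vbs", "js", "wsf"}
DOCUMENT_EXTS = {"txt", "doc", "xls", "pdf", "jpg"}

def classify_attachment(filename):
    """Return 'ok', 'executable' or 'disguised-executable' for a filename."""
    # Split on dots and trim padding such as "invoice.pdf   .exe".
    parts = [p.strip() for p in filename.lower().split(".")]
    parts = [p for p in parts if p]
    if "." not in filename or not parts or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    # A document-looking extension right before the real one is the disguise.
    if len(parts) >= 3 and parts[-2] in DOCUMENT_EXTS:
        return "disguised-executable"
    return "executable"

def scan_message(raw_bytes):
    """Return (filename, verdict) for every attachment in a raw e-mail."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        results.append((name, classify_attachment(name)))
    return results

def build_sample():
    """Constructed test message; the attachments hold placeholder bytes only."""
    msg = EmailMessage()
    msg["Subject"] = "ILOVEYOU"
    msg["From"] = "friend@example.com"
    msg["To"] = "you@example.com"
    msg.set_content("kindly check the attached love letter coming from me.")
    for name in ("love-letter.txt.vbs", "report.exe", "notes.txt"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{verdict:22} {name}")
```

Only the last extension decides what Windows does with a file, which is why the check looks at the final part of the name and treats a document extension in front of it as a warning sign.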

So what do you think about this blog post? Like It? Hate It? Drop me a line in the comments, what you like is what I will write more about.