It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Community Alert - New Virus "Shamoon" discovered

page: 1
4
<<   2 >>

log in

join
share:

posted on Aug, 17 2012 @ 01:54 PM
link   
New Windows Virus leaves computers unbootable


We’re getting news of a particularly nasty Trojan targeting Windows-based PC today, which anti-virus companies have dubbed “Shamoon.” Like most malware, Shamoon exists to steal data from computers connected to the Internet, but what it does afterward is quite evil. In an effort to cover its tracks, it begins deleting files, including the Master Boot Record. This, naturally, leaves the PC unbootable, and can cause some major headaches. The malware itself is a 900KB file that uses many encrypted resources

edit on 17-8-2012 by 1BornPatriot because: (no reason given)




posted on Aug, 17 2012 @ 01:58 PM
link   
AHA! The Iranians strike back!
Or is it the goverments way of shutting down peoples access to internet?
Or Micosofts way of selling new computers to people?



posted on Aug, 17 2012 @ 02:01 PM
link   
reply to post by 1BornPatriot
 
Hmmm. Time to boot back over to linux when I get home, then.

Thanks for the heads up.



posted on Aug, 17 2012 @ 02:11 PM
link   
Computer illiterate here.

What steps should I take to avoid this? I have up to date antivirus software, is that enough?



posted on Aug, 17 2012 @ 02:14 PM
link   
reply to post by smyleegrl
 


Create a boot disc if you no longer have the install software that came with your system. You can search "start up disk" in the windows "search" function and it will walk you through doing it.



posted on Aug, 17 2012 @ 02:21 PM
link   

Originally posted by Hefficide
reply to post by smyleegrl
 
Create a boot disc if you no longer have the install software that came with your system. You can search "start up disk" in the windows "search" function and it will walk you through doing it.

Better yet IMO, go ahead and download Linux Mint's ISO version for your respective systems and burn it to a DVD-R right quick, if you can bear jumping through a few hoops to run any Windows-only software you can't live without. Then burn all Windows discs and say goodbye to the eSTD-infested world of Windows. Oh, and pass it along to friends after that.

Otherwise Heff, for those who simply ADORE Windows...your advice is probably excellent and true.


reply to post by smyleegrl
 
Smylee, to expand on Heff's response - no, not really. Even top of the line antivirus programs may not update their virus definitions quickly enough to prevent infection from new threats. Depending on your online habits and firewall software, etc., you might be safe enough otherwise - but I'm a big believer in not even messing with it. I rarely boot over to Win7 anymore since I got Mint 13 installed a few months back.

Good luck, and stay safe out there.
edit on 8/17/2012 by Praetorius because: Typos and spacing and such, oh my...



posted on Aug, 17 2012 @ 02:37 PM
link   
Some extra info:


Dubbed "Shamoon" due to a string of a folder name within the malware executable, the attack ends up with delivering destructive malware on the targeted computers that ends up making them unusable.

"The interesting part of this malware is that instead of staying under the radar and collect information, the malware was designed to overwrite and wipe the files and the Master-Boot Record of the computer," Seculert researchers pointed out.

"While it's rare to find this type of malware in targeted attacks, our friends at Kaspersky Lab suggest that this is the same behavior of the wipe malware found attacking machines in Iran that were infected with Flame."


It appears the industry is considering this a "copy-cat" virus ....


"The original 'Wiper' was using certain service names together with specific filenames for its drivers which do not appear to be present in this malware. Additionally, the original Wiper was using a certain pattern to wipe disks which again is not used by this malware," they shared. "It is more likely that this is a copycat, the work of a script kiddies inspired by the story."


from: Shamoon

This is apparently focused on the energy sector (surprise - another excuse to raise prices...)



posted on Aug, 17 2012 @ 03:24 PM
link   
reply to post by Praetorius
 


If the majority of people using computers had Linux then Linux would have all the virus's. The only reason that Linux does not have many virus's is that hardly anyone uses it and not because its superior to Windows in any way.

This is what i don't understand about people who use Linux, they are always trying to recommend it to other people as a virus free OS. Well if you want to keep it virus free stop recommending it to people.


edit on 17-8-2012 by PhoenixOD because: (no reason given)



posted on Aug, 17 2012 @ 03:34 PM
link   

Originally posted by PhoenixOD
reply to post by Praetorius
 
If e4veryone had Linux then Linux would have all the virus's. The only reason that Linux does not have many virus's is that hardly anyone uses it and not because its superior to Windows in any way.

This is what i don't understand about people who use Linux, they are always trying to recommend it to other people as a virus free OS. Well if you want to keep it virus free stop recommending it to people.

Not exactly. Market share and popularity definitely figures in, but there are also other factors that generally make the system safer to malware as we presently know it.

Unlike Windows, Linux does not grant users root access by default, essentially meaning you have to OK the malware to do what it wants to do by entering your root password, instead of it just doing its thing like it would in Windows since it already has admin access to a Windows system.

Also, the open-source community nature of the OS means that any such issues are identified and usually resolved before they can have much of an impact, as well as the large number of different distributions meaning that a virus written for one likely won't have a great impact on others (adding to its small-target nature for malware authors).

It's not necessarily virus free, but due to its nature differing from Windows in several important aspects, it is simply a much safer setup. If you can't understand why that alone makes us recommend it, not even bothering to address a love for open source as compared to Windows' proprietary and less-friendly aspects, then I'm not sure what more I can really say. It otherwise is an operating system just like Windows, but with less established inroads to the developers' world for mainstream software, etc.

I like this line from the Wiki page on Linux Malware:

The following is a partial list of known Linux malware. However, few if any are in the wild, and most have been rendered obsolete by Linux updates.

The biggest threat for the casual user is pretty much just that of accidentally passing along a Windows virus to Windows PCs by not scanning files before sending them along out into the world.

Take care.
edit on 8/17/2012 by Praetorius because: (no reason given)



posted on Aug, 17 2012 @ 03:35 PM
link   
reply to post by smyleegrl
 


Another way around this, is to, if you have enough harddrive, and nowadays most do, to dual boot with linux. So grub is in control of the boot record. Say 30 gibabytes given over to one of the linux's, I prefer pclinuxos. For the ubuntu type, pinguy has alot going for it, but weak and the sound went on mine so back in pclinuxos. As long as you're hard wired, to the internet it tends to work for most, but you really have to research on your wireless. Sometimes that can be a process and without internet a hard one. So you'd definitely want your windows still existing and well.

There are walkthroughs online how to do the dual booting which is easy, and its all testable with a live linux cd. I wouldn't be in windows unless you have to. Game or an unusual program some need it for, some printers print nicer in windows, so for me I'd be burning it off and heading to my kids computer since I don't dual boot.

Also its really handy to have a live CD with pclinux or ubuntu or pinguy burnt off, and you need to follow the right procedure to burn an ISO file, and pclinux has a link to a good open source windows burning program that does this and its a good one. Or at least they used to. Otherwise you search, open source burning program free windows. Open source being the best IMO.

Having a live cd, like that, means if something does happen to your computer, if you have your boot record set in BIOS. I leave mine permanently set. To be: first priority cdrom. second hardrive.

That means if something happens, you pop in a live cd and go to the linux desktop, that is still uninstalled, and decide what you want to do from there.

I would already, ahead of time, make a spare partition, 30 gigs at least, that you don't put files you essentially want to save, if its D or E, whatever it is labeled by windows. It is the one you might install the linux on, in an emergency if you can get on with the live CD.

You're not limited to 30, more is better. linux is good. But also 20 gigs can just barely do it too.

Now in a situation with a non bootable windows computer, a good partition, a bios that boots from cd rom first, and a live linux cd of the most idiot proof ones, like pclinux, you go to the install option, root, is root passward, guest is guest. You would choose the partition you wish, as your options and then in that 30 gigabyte space, when you select it, you would delete it and then choose to make another partition, and give 2 gigabytes of it, say as a small grub partition. Then the rest you would create another parition, root or master, and you would install.

It would give you the master boot record, and you would then be able to access windows, or reinstall it.

However if you do reinstall windows, it is not generous enough to give you a dual boot at the beginning, so you have to use the live cd, to restore master boot in linux, so you can choose to boot into either one.

Obviously this is the bare bones way of doing it, there are better ways of organizing partitions and your hard drive, so you would never have to reinstall linux if things go wrong, only the root part and still keep all your home files, by creating 3 partitions, a small one for grub, 20 gigs or more for root/master, and a huge one for home and all your stuff. Which you can also do with windows, and still dual boot. In fact if you're like me, you've dual booted many distros and windows in the past, with many partitions, to try them out.
edit on 17-8-2012 by Unity_99 because: (no reason given)



posted on Aug, 17 2012 @ 04:03 PM
link   
To any who want to dual boot with linux to secure their computers more, pclinuxos is the best, and I've tried many of them, if you're not on a very old computer, the kind with 1 gig or less ram and so on. Then there are lighter weight linux. Pclinux is solid, doesnt crash ubuntu derivatives, doesnt use anaconda installer, which doesnt give you choices in your hard drives and tries to take control of your computers, which might explain the little reptile emblems for Suse and Sabayon linux, two beautiful distros that are nightmares when you trie to take permissions of your own files and cdrom even, they even like to take control of that. Linux is different and you need to google problems to get solutions, and learn the file system, the way of installing only linux programs through their programs. Pclinux has the media codex you need and drivers out of the box for most things is not debian and is stronger, is better than mandrake its cousin, and has its own magazine, with lots of info.

pclosmag.com...

And for anyone wanting to protect against virus's staying out of windows unless you have to be in it, for certain programs, is the first step.

Dual booting is far better.

Oh, and its free.

edit to add: Just thought of something. Laptops sometimes do better with debian and unbuntu due to different driver mix, not usally a problem for someone with more experience in linux, but for the novice, it would be.

So, its best to have several live CD's burnt off and I would recommend, pclinuxos, and pinguy, with mint similar to pinguy, so you might want those 3. Open suse is rock solid too but permissions are a pain in the but, and choice with regards to your partitions, it doesnt like to give you choices. I wouldn't bother with that one. Ubuntu, can be tweaked to be like mint or pinguy, but its not for the novice, you don't have codex's for videos and its such a hasstle, to get it set up right.

And then its not anywhere near as stable as pclinuxos. It is the most stable and idiot proof going, except during install where you have to ignore one question, dont set a grub password during install. Don't know why that is there even. After you do your first boot up, you set your regular passwords, in a wizard that pops up.

But having 3 alternatives gives you a high chance in having it all work out of the box, laptop or pc, for novices, and in an emergency if your Boot has been erased, you're going to want something that works even if its not as stable as pclinux, just working is terrific until you can get things solved.

isorecorder.alexfeinman.com...

Isorecorder is one of the best open source, burning programs to burn off a linux distro on windows. AND, pclinux is the best in KDE desktop for a novice.

www.pclinuxos.com...

linuxmint.com...

pinguyos.com...

Worth checking out the links and burning off the Live cd's, so they're there for emergencies. Always useful. There are times when you think you have a hardware problem, but if you put a live cd in, and get to the desktop, and it all works, you can pretty well figure out you probably have a software problem or driver problem even in windows.
edit on 17-8-2012 by Unity_99 because: (no reason given)



posted on Aug, 17 2012 @ 04:52 PM
link   
reply to post by Praetorius
 



Unlike Windows, Linux does not grant users root access by default, essentially meaning you have to OK the malware to do what it wants to do by entering your root password, instead of it just doing its thing like it would in Windows since it already has admin access to a Windows system.


Yes this is a common misconception by Linux users. It used to be that if a person was lazy and did not set up any other standard user accounts than the default administrator account when they first installed windows then they would be running in administrator mode. But if they did create a second standard user account then they would be prompted for administrator user and password if they wanted to do anything that could change the system adversely.

Ever since Windows Vista in 2007 this has changed completely. since windows vista, windows 7 and now windows 8 they have introduced User Account Control (UAC). Now even if the person who installed the system is lazy and only set up just the default administrator account Trojans or virus program can no longer take advantage of the situation.

Now since windows vista all users including the default administrator have to authorize anything that could adversely effect windows exactly the same was as in Linux. They are prompted for authorization for every administrative action. Also when this happens ALL other processes on the system are stopped (the screen is grayed out) until authorization is either given or denied. this way its impossible for a virus or Trojan to script a response.

So no , windows has not operated like you think since 2007.


edit on 17-8-2012 by PhoenixOD because: (no reason given)



posted on Aug, 17 2012 @ 04:55 PM
link   
reply to post by PhoenixOD
 


Yes, its far better but virus's are still written to override that, and they target windows over any other OS, mac is second, but still safer. Linux best.



posted on Aug, 17 2012 @ 04:59 PM
link   

Originally posted by Unity_99
reply to post by PhoenixOD
 


Yes, its far better but virus's are still written to override that, and they target windows over any other OS, mac is second, but still safer. Linux best.


Its only safer because people are not trying to hack it because it has a smaller market share. Not because of any advantages of the system. If Linux was the most used system it would be the most hacked.



posted on Aug, 17 2012 @ 05:01 PM
link   

Originally posted by smyleegrl
Computer illiterate here.

What steps should I take to avoid this? I have up to date antivirus software, is that enough?

emphasis mine

This is why I avoided linux as an option for advice altogether.


~Heff
edit on 8/17/12 by Hefficide because: (no reason given)



posted on Aug, 17 2012 @ 05:02 PM
link   
reply to post by PhoenixOD
 
Ah - that's a fair point, which I thank you for bringing up and apologize for not thinking of ahead of time (especially as I run Win7 on my other partition!). Regardless, there are still the other differences that seem to impart additional levels of insulation from malware threat to Linux systems. However, we're going a bit off-topic so I'll apologize to the OP and everyone else and leave it there as I was only trying to provide some useful recommendations, and not start a Windows vs. Linux war.


Windows is good and definitely owns the market - probably always will...it just doesn't hold the appeal for me that Linux does for these and other reasons.



posted on Aug, 17 2012 @ 05:10 PM
link   

Originally posted by Hefficide

Originally posted by smyleegrl
Computer illiterate here.

What steps should I take to avoid this? I have up to date antivirus software, is that enough?

emphasis mine

This is why I avoided linux as an option for advice altogether.


~Heff
edit on 8/17/12 by Hefficide because: (no reason given)


Yeah, sorry guys. I haven't a clue what Linux and dual booting or anything means...you're speaking Greek.


Thanks, Heff. Much appreciated.



posted on Aug, 17 2012 @ 05:27 PM
link   
reply to post by smyleegrl
 


Hah...sorry. Linux is just an operating system, like Windows. Dual-booting just means you have more than one operating system installed, and can pick which one to use when you boot up.

It's definitely alien to too many people, but Linux versions, some more than others, are about as new-user-friendly at this point as Windows is...if not more so due to slightly less security concerns.



posted on Aug, 17 2012 @ 05:47 PM
link   
reply to post by stirling
 


i think its apples way of getting more buisness



posted on Aug, 17 2012 @ 06:05 PM
link   
Currently, I have 2 hardrives, and the 1 T is for pinguy, as 64 bit, so if you're on 64 bit windows you'd probably want that unless you have a second hardrive. And it didn't crash even with world of warcraft set up in wine, and the 3D desktop cube with special effects on, when debian usually does crash for all of that, at least the ubuntu flavors. So I liked it, but alas, I did one of the dreaded updates in synopsis, and then the sound went. Apparently when you first install, you update the whole system not through the warning at the top, for that is a standard ubuntu update that will wreck some of the wonderful tweaks that pinguy did. You do the distro upgrade through the synopsis program. But only once. You can individually upgrade a program like say, wine or firefox, but don't do a distro one again.

Whereas, no such problem so far, with pclinuxos, and I've used it off and on for nearly roughly 7 years. I've tried 12 or more distro's so far and had 6 or more at one time.

If you're on 32 bit windows, then pclinux is great. I still recommend it even if you have to get another hard drive for 32 bit.

Gnome is usually good for older computers where lighter is better, and less ram, but so is xcfce. But you need to stick with lighter programs.

Then for a windows specific game, or some application you prefer in windows, you switch at the boot in.

I wouldn't make online purchases in windows, I wouldn't go on facebook in windows, and in fact, had to take it off our old computer when my brother moved in who snuck around on porn and like facebook. After the second reformat I just told him, good thing you're not a gamer, your getting linux. And problem solved for him. Thankfully he moved out a couple years ago. And was so proud of his new laptop he refused to set windows up so he had to use the password too, insisted he could fly around in administration mode in it. But he can at least pay to get his computer fixed and rewritten frequently I guess.




top topics



 
4
<<   2 >>

log in

join