|
Phishing email scam utilizes keylogger malware to steal sensitive information[^]
I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.
I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
modified 17-Jan-17 19:29pm.
|
|
|
|
|
..there does not have to be a specific forum for your question, if there's no category that fits than pick the closest thing to it.
Then again, you are simply opening an unsafe document with macro's; you know how that works
If you want to know whether you can detect a keylogger, the answer is no.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: detect a keylogger Um, depending on how it's written, a software one can most likely be detected. A hardware one, most likely not.
#SupportHeForShe
Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
TheGreatAndPowerfulOz< wrote: Um, depending on how it's written, a software one can most likely be detected. Yes, would be nice if you knew what you were looking for then
--edit
There was an article about hooks on The Old New Thing, but I cannot find it at the moment.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: If you want to know whether you can detect a keylogger, the answer is no.
Yes you can. A keylogger needs to register a hook with SetWindowsHookEx win32 API.
That said, although tricky, you can detect installed global hooks. And somebody has already done it: GitHub - prekageo/winhook.
It would be a tricky task to monitor and detect legit from malware global hooks. But it is possible.
To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson
Our heads are round so our thoughts can change direction - Francis Picabia
|
|
|
|
|
Very nice of you to report your moment of fog on this, because if it could get an advanced tech user such as yourself (being a developer) it can definitely get other non-tech users.
Sorry you went through that.
EDIT
BTW - I use VirusTotal - Free Online Virus, Malware and URL Scanner[^] for these types of things.
Would love to see the results for your scan of that download.
|
|
|
|
|
Quote: Sorry you went through that.
Thanks, but there was no harm done in the end, and it did serve to make me more careful.
Get me coffee and no one gets hurt!
|
|
|
|
|
I'm familiar with VirusTotal, but did not think of using it before I deleted the offending email with its attachment and all.
Get me coffee and no one gets hurt!
|
|
|
|
|
I became so suspicious, that last week I deleted a bunch of emails from CEO, because it came via the new attendance system...
Not that it matters after all - I do not use that system, so it was sent to me by mistake anyway...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Quote: at least you had the backup. Most non-professionals don't even have one.
As Sean would say: "Inconceivable!"
Get me coffee and no one gets hurt!
|
|
|
|
|
Daniel Pfeffer wrote: Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
But in my defense, I use my home PC only for gaming and paying bills, and also I'm notoriously lazy.
There is only one Vera Farmiga and Salma Hayek is her prophet!
Advertise here – minimum three posts per day are guaranteed.
|
|
|
|
|
|
Valuable advice! Thanks.
Get me coffee and no one gets hurt!
|
|
|
|
|
I read about this yesterday on ZDNet, it's probably not a macro, but an image (install Silverlight) that points to a Visual Basic Script instead of a URL which installs the keylogger. Details:
[^]
|
|
|
|
|
Which is why you change the .vbs file association to open with Notepad instead of WScript.
Still doesn't hurt to disable macros, though, since some ransomeware still uses them.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Cornelius Henning wrote: I recently got an email with a Word attachment Red flag #1
Cornelius Henning wrote: that insisted I install Silverlight And that's when you toss it in the spam folder.
|
|
|
|
|
Well, again linux community is excluded from such an interesting software.
|
|
|
|
|
|
When Houdini used trap doors in his act, was it just a stage he was going through?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
No. His whole act was hinging on them!
... such stuff as dreams are made on
|
|
|
|
|
No mater how much I lock, I can't escape the feeling this is no joke.
veni bibi saltavi
|
|
|
|
|
And he went through them at breakneck speed, too!
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Wasn't he the first escape character?
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
|
|
|
|
|