
troijan,another user (wgautilacc) - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer


Posted: 24 Mar 2020 01:46 AM PDT

Hello, so I managed to get a trojan. I used Malwarebytes to remove it, but it seems like it's not gone. I tried using RKill and then Malwarebytes and HitmanPro, but that did not fix it. I can see another account in the Windows repair screen called "wgautill acc". I ran Farbar and attached the files. Hope it helps! Also, my display driver keeps crashing.

Edited by MesiMeloni, Today, 04:03 AM.

Fake antivirus site promises coronavirus protection, delivers trojan - ComputerWeekly.com

Posted: 24 Mar 2020 09:04 AM PDT

A fraudulent website that claims to offer a digital antivirus program that protects users against the Covid-19 coronavirus has been found online, tricking its victims into downloading a remote access trojan, or Rat, that turns the target computer into a bot.

The site in question is just one of a number of scam websites that have been newly identified by Malwarebytes, and more are popping up all the time, as cyber criminals try out any means to cash in on what is becoming, by some margin, one of the most dangerous and widespread cyber security threats in history.

"Scammers and malware authors are taking advantage of the coronavirus crisis in full swing. We have seen a number of spam campaigns using Covid-19 as a lure to trick people into installing a variety of malware, but especially data stealers," said the Malwarebytes threat intelligence team in a blog post disclosing its latest research.

"As more of us work from home, the need to secure your computer, especially if you are connecting to your company's network, becomes more important. However, you should be extra careful of bogus security software, especially if it tries to use the coronavirus as a selling point."

It should go without saying that no cyber security antivirus product could possibly provide protection against an actual biological virus. However, those responsible for the scam – to which we are not linking – have almost certainly already ensnared numerous victims and will be counting on stressed and emotional people being more likely to fall for the trick.

Fake website offering protection against the coronavirus

The website (pictured) states: "Our scientists from Harvard University have been working on a special AI development to combat the virus using a windows app. Your PC actively protects you against the Coronaviruses (Cov) while the app is running."

If a user is unfortunate enough to install the application, they will find themselves infected by the BlackNET Rat, giving cyber criminals the ability to access the target machine from a command and control (C2) server.

BlackNET enables cyber criminals to co-opt the target machine into a botnet to conduct distributed denial of service (DDoS) attacks, to take screenshots, to steal Firefox cookies, to steal saved passwords, to implement a keylogger, to remotely execute other malicious scripts, and to steal bitcoin wallets if present. Malwarebytes said the full source code for this particular toolkit has been circulating on GitHub for at least a month.

"Users should be extra careful of bogus security software, especially if it tries to use the coronavirus as a selling point"
Malwarebytes threat intelligence team

In this instance, Malwarebytes was able to work with CloudFlare, whose service was being abused to deliver the malicious website. CloudFlare has now taken action to flag the website as a phishing scam.

"During this period, it is important to stay safe both at home and online. The number of scams we have seen during these past few weeks shows that criminals will take advantage of any situation, no matter how dire it is," the researchers said.

"We recommend that you keep your computer up to date and use extra caution when downloading new programs. Beware of instant notifications and other messages, even if they appear to come from friends."

More information, including further screengrabs and indicators of compromise (IoCs), can be found on the Malwarebytes website.

Am i just being paranoid or do i have hidden viruses on my pc? - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 23 Mar 2020 12:59 PM PDT

I asked this on Discord and got directed to make a topic here, so I'll just copy-paste what I typed in Discord:

"Am I being paranoid in thinking I still have something hidden in my PC after running Kaspersky Rescue Disk, Malwarebytes (full scan), HitmanPro, and a few other AV programs and they show nothing? But after running Microsoft Defender, it shows a trojan on the MapleStory installation file... which I deleted manually since Defender would not remove it."

My main AV is Panda Dome, with Malwarebytes as a second-opinion scanner.

I tend to run scanners and other AV software once every 2 months.

I'm bad at typing topics like this, so if there are any questions, I'll be happy to answer them.

