Is anybody else concerned by how many 'green ticks' there are for that? Now I know 'we' on CP would never run anything on our computers, but we do all head tech support for the family, right? They are not so wise!
It just appeared on our radar 24 hours ago or less.
AFAIK, a signature will get released any time now from our AV labs as well.
It's also a polymorphic one (if I got this one right), that's why analysts perform more tests on this one.
Also, if one reads VirusTotal list, it can be seen that:
- two vendors name it Trojan.Win32.Kryptik.BCISU and Trojan.Win32.Kryptik.CISU respectively (good thing a letter differs between two different vendors)
- others name it Trojan/Generic or Malware Gen, which is usually another name for "we know it is doing something bad but we don't really know what it is"
- Symantec signed it with Suspicious.Cloud.5 which is documented from 2010, but the virus was first seen on 2014/08/14 (yesterday); I don't know what to think here
- Sophos names it AIJV and also mentions it as AviraTR/Agent.CISU.1 (CISU again!)
All in all, I'm not an AV guy, but I know enough to read between the lines that this is
1. a 1-day item
2. drops on the computer only if clicked, downloaded and executed (from Dropbox in the sample I have seen)
3. quite easy to detect and remove (registry key modification, relatively large size - 188 Kb)
* * *
That does not mean it is something the regular user can ignore.
But they do.
No matter how many times I tell my father
"If someone you don't know and who looks suspicious pops up at the door, do you let him in? It's the same with programs; you don't know what it is, you don't trust who did it or why it pops up, close it and never look back"
he keeps clicking on Yes on anything that moves.
I promised myself that one day I will do a MessageBox with something like
"Is your mom a very nasty slut?"
I bet that at least 75% of the users will click on yes.
I seem to remember someone posting on CP a while ago that these phishing messages were written with intentionally poor grammar and spelling so that they target the more uneducated that are seemingly more liable to fall for the scam. That way they are focussing their efforts. Not sure on the legitimacy of that claim, but I can see some of the logic.
these phishing messages were written with intentionally poor grammar and spelling
This is the conclusion reached by the Freakonomics team and published in "Think Like A Freak" and other works thereof. It makes sense. Your average scammer doesn't want to be bothered with anybody who has the nous to spot the danger at some point. That's just wasted time and effort for no reward. So they're more than happy for the likes of us to dismiss their mail as spam/scam and maybe have a giggle at the ineptitude before binning it. It's zero loss after all (they don't even have to pay for postage any more). Their only interest is in those who can be fooled.
When I see stupid phishing attempts like this I always wonder: "How much money can the people stupid enough to fall for this sort of thing have to steal?"
This is the saddest part about the whole thing. They target the poor and the elderly. Those types of people fall for this, not 'stupid' people as everyone is saying. Someone with very little money may see that and click without thinking out of desperation. Also, elderly people who have no idea how the Internet works fall for it. They are ignorant, not stupid. I've taught the elderly how to use computers before, and they are not stupid, it's just a different world for them. Just wait until you grow old and technology has left you behind, and see how you feel.
That's what makes these people the scum of the earth, they not only steal, they target the less fortunate and the elderly who don't know any better. They know that rich people are less likely to fall for it, so they target the less fortunate. And for that, to bring back one of my favorite quotes from Shepherd Book, they deserve to burn in a very 'special hell'.
I have always wished for my computer to be as easy to use as my telephone; my wish has come true because I can no longer figure out how to use my telephone - Bjarne Stroustrup
The world is going to laugh at you anyway, might as well crack the 1st joke!
My code has no bugs, it runs exactly as it was written.