AtNetPlus, Inc. Bulletin – Reports of Malware Infections Increasing

We have recently noticed a dramatic increase in the number of calls we are receiving from clients who are experiencing problems with their computers. Because of the increasing volume of calls, we felt it was important to inform all of our customers about the latest malware currently making the rounds through email and the Internet. Although some of these programs have been around for more than a year, there has been a resurgence of infection in the past few weeks.

We have seen several variations of these malware programs, but all are attaching themselves to Windows processes. Once you are infected, these programs replicate themselves on your computer and contaminate more and more processes. Unless steps are taken to address this, they will eventually render your system unusable.

Although they are always very difficult to remove, the longer they reside on your computer the more likely it is that the only way to stop them is to wipe the hard drive and reinstall the operating system (OS). If that happens, you may incur not only significant downtime but also the loss of critical data.

How Are The Computers Becoming Infected?

These infectious programs go by several different names including: Vundo, Antivirus 2008, Antivirus 2009, XP anti-virus 2008, and Vista anti-virus 2009. These names are meant to mislead you into installing them.

Vundo infects your computer using pop-ups and advertising for fake antispyware programs. It is also known to cause performance degradation and denial of service with some popular websites. You are lured into installing the malware when a pop-up message indicates that the problem you are experiencing is because of a virus and you are offered an antivirus program to scan your system to remove the viruses. Unfortunately, this fake antivirus software infects your computer. A few of these pop-up attacks also ‘sell’ the antivirus software so that not only is your computer infected, but your credit card information is stolen too!

Within the last few days we have also begun to see emails with a subject line stating something like: “Best Antivirus 2008.” The email appears to be an advertisement for a legitimate antivirus product. Again, the victim of this attack believes they are buying a new and better antivirus product but instead their computer is compromised.

Other computers have become infected when the malware is downloaded by opening an email attachment such as a .ZIP file or, more commonly, by opening a video on a social media website similar to YouTube, MySpace or Facebook. After you ‘click’ on the video, a message comes up saying that you need to install a plug-in to view the video, but if you choose to install it you are really infecting your computer with malware.

Symptoms

If you notice any of these symptoms or anything different from the way your computer usually works, call us. It will only take a few minutes to determine if you are infected. And like all diseases, early detection is critical. Watch for the following symptoms:

  • An increase in the number of pop-up windows including those for websites, pornography, and games.
  • Frequent system reboots
  • Frequent Internet Explorer errors

Prevention

There are several things you can do to keep from infecting your computer. Always use safe browsing habits:

  • Use work computers only for work-related activities
  • Visit only work-related, trusted sites
  • Do not install programs just because you were prompted to do so by your web browser
  • Do not open any .ZIP files unless you were expecting such a file from a trusted source
  • Use only legitimate sources for downloads. In other words, if you need something like a media player, download one directly from the website of a trusted source.
  • Question the need to install plug-in software – especially to view video.
  • If you’re not sure, don’t open or download it.

Call us if you have any questions or concerns. We want to help.

Reports of Non-Delivery Notices Also On The Rise

We have also been receiving more calls than usual about Non-Delivery Report (NDR) notices. NDR messages are valid notifications that an email you sent cannot be delivered to the recipient.

The message usually starts like this:

Undeliverable: Subject of email
MAILER-DAEMON@MAILER-DAEMON
Sent: date
To: recipient

Delivery has failed to these recipients or distribution lists:

The message goes on to give a list of times, servers, and other information to show how the email traveled through the Internet.

We all get them occasionally when we mistype an email address or when the recipient has stopped using an email account. However, sometimes we start getting them because a spammer is ‘spoofing’ our email address and making it appear as though the message came from us when it did not.

Unfortunately, there is nothing that can be done to prevent spammers from spoofing your email address. And, there is little that can be done to prevent you from receiving the NDR notices. However, as the spammers move on to other targets, the quantity of messages will slow significantly and may stop altogether for a period of time.

Even though we can’t stop NDRs, we wanted you to know that it does not mean that there is anything wrong with your system. It usually doesn’t mean that you have a virus or that anything else is wrong with your computer. It’s just one of those things we all have to put up with in order to enjoy the convenience of email.
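Added example, not part of the original bulletin: a triage check that tells an NDR for mail you really sent apart from one caused by a spoofed sender address, by looking for your own mail server in the "how the email traveled" (Received) lines of the returned message. The hostname `mail.example.com`, the addresses and the sample NDRs are constructed assumptions.

```python
import email
import re
from email import policy

# Assumption: hostnames of the mail servers your organisation really sends through.
OUR_MAIL_HOSTS = {"mail.example.com"}

def returned_headers(ndr):
    """Headers of the original message enclosed in the NDR, or None if absent."""
    for part in ndr.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload(), policy=policy.default)
    return None

def failed_recipients(ndr):
    """Final-Recipient addresses listed in the message/delivery-status part."""
    blocks = [b for p in ndr.walk() if p.get_content_type() == "message/delivery-status"
              for b in p.get_payload()]
    return [str(b["Final-Recipient"]).split(";", 1)[-1].strip()
            for b in blocks if b["Final-Recipient"]]

def classify_ndr(raw):
    """Heuristic: 'sent-by-us' if the returned mail passed through our server."""
    ndr = email.message_from_string(raw, policy=policy.default)
    original = returned_headers(ndr)
    if original is None:
        return "unknown", failed_recipients(ndr)
    hops = " ".join(str(h) for h in original.get_all("Received", []))
    hosts = set(re.findall(r"[a-z0-9.-]+", hops.lower()))
    return ("sent-by-us" if hosts & OUR_MAIL_HOSTS else "spoofed-sender"), failed_recipients(ndr)

def build_sample_ndr(original_headers):
    """Constructed multipart/report NDR (sample data) wrapping the given headers."""
    return (
        "From: MAILER-DAEMON@mx.recipient.example\nTo: alice@example.com\n"
        "Subject: Undeliverable: Invoice\nMIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nDelivery has failed to these recipients:\n"
        "\n--b1\nContent-Type: message/delivery-status\n\n"
        "Reporting-MTA: dns; mx.recipient.example\n\n"
        "Final-Recipient: rfc822; bob@recipient.example\nAction: failed\nStatus: 5.1.1\n"
        "\n--b1\nContent-Type: text/rfc822-headers\n\n" + original_headers + "\n--b1--\n")

# Constructed samples: one mail relayed by our server, one that never touched it.
SAMPLE_GENUINE = build_sample_ndr(
    "Received: from ws12.example.com by mail.example.com with ESMTP\nFrom: alice@example.com\n")
SAMPLE_SPOOFED = build_sample_ndr(
    "Received: from unknown (198.51.100.23) by mx.recipient.example with SMTP\nFrom: alice@example.com\n")
```

Received lines can themselves be forged, so a "sent-by-us" verdict is a prompt to check the mail server's own send log, not proof.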

Again, if you have questions or concerns, please call us. We’ll be happy to test your computer to make sure your system is secure.

August 22nd, 2008

About the Author:

Cat Lawson
Front-End Web Developer

Cat's primary role is supporting clients and their website needs. Web-related issues and questions are all handled through our Web Support. Additionally, she works with clients to develop their websites and helps ensure the quality of each website meets both AtNetPlus and client standards.