Over Christmas Day lunch with my extended family, an uncle mentioned he was upgrading his laptop on Boxing Day to take advantage of the sales. His laptop wasn't that old, so I was curious as to why he was considering a replacement so soon. His reply was his current laptop had a virus, and the virus was so bad the software he had wasn't able to remove it. I asked to borrow his infected laptop, and with the promise of beer and food if I could fix it, I booted it up the next day, and was presented with this gem:
SecurityTool is a very clever piece of deceptive software. It entices a naive user by presenting a banner on a webpage saying that it has done a quick scan of their computer, and has found viruses that should be removed (this is impossible, no webpage can scan your hard-drive). The user, believing the advert, downloads and installs this, and then the fun begins.
It configures itself to boot up at startup, changes the desktop background to white and puts a white overlay hiding your icons, and will not let you shut it down (it takes up the whole screen) until you buy a full version. It presents "viruses" that it has discovered (which are all fake) and encourages you to purchase the full version for your protection. Even my constant pressing of Ctrl+Alt+Del was futile - the program quickly hides the Task Manager behind the screen above.
SecurityTool is very simple to remove - boot into Safe Mode, run msconfig and stop it booting up at startup. Also, delete the executable and the system returns to normal on the next restart.
As a programmer, I was amazed at how simple the idea of this software is - tell the user they have viruses, don't allow them to do anything until they purchase the full version, the whole time they believe you as they are none the wiser.
All this leads into the point of this post: don't trust the internet. Some years back when we used to do IT support for a handful of large companies, the biggest threat to their network's security and stability existed between the monitor and the chair of every computer. An ill-informed user can wreak havoc (just ask the Waikato DHB) with their downloads.
For some reason, unbeknown to me, if a user reads something on a webpage or in an email, they trust it 100%. All of their common sense and knowledge goes out the window. They ignore all warnings and information given to them by those in the know, and they follow what they read on screen.
Other things to watch out for:
- A Nigerian (or any other country) prince doesn't have millions to transfer you.
- The flashing banner saying you are the millionth visitor is fake.
- Your bank/TradeMe/PayPal/Gmail et al. have not lost your data, nor will they ask for your password in an email.
- A friend will not send you an email out of the blue, with an attachment you were not expecting.
If you suspect a rat, you can be sure you'll find one.
Being confused about something online is not unusual - don't act on what you read, ask someone you trust (who knows what they are talking about), or seek advice from a legitimate computer store. You can save yourself a lot of wasted time and unnecessarily lost data by seeking good advice.
Have a relaxing break everyone!