I nearly fell for one of these
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
..there does not have to be a specific forum for your question, if there's no category that fits than pick the closest thing to it. Then again, you are simply opening an unsafe document with macro's; you know how that works :) If you want to know whether you can detect a keylogger, the answer is no.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
..there does not have to be a specific forum for your question, if there's no category that fits than pick the closest thing to it. Then again, you are simply opening an unsafe document with macro's; you know how that works :) If you want to know whether you can detect a keylogger, the answer is no.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
Eddy Vluggen wrote:
detect a keylogger
Um, depending on how it's written, a software one can most likely be detected. A hardware one, most likely not.
#SupportHeForShe Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
Very nice of you to report your moment of fog on this, because if it could get an advanced tech user such as yourself (being a developer) it can definitely get other non-tech users. Sorry you went through that. EDIT BTW - I use VirusTotal - Free Online Virus, Malware and URL Scanner[^] for these types of things. Would love to see the results for your scan of that download.
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
I became so suspicious, that last week I deleted a bunch of emails from CEO, because it came via the new attendance system... Not that it matters after all - I do not use that system, so it was sent to me by mistake anyway...
Skipper: We'll fix it. Alex: Fix it? How you gonna fix this? Skipper: Grit, spit and a whole lotta duct tape.
-
Very nice of you to report your moment of fog on this, because if it could get an advanced tech user such as yourself (being a developer) it can definitely get other non-tech users. Sorry you went through that. EDIT BTW - I use VirusTotal - Free Online Virus, Malware and URL Scanner[^] for these types of things. Would love to see the results for your scan of that download.
-
Eddy Vluggen wrote:
detect a keylogger
Um, depending on how it's written, a software one can most likely be detected. A hardware one, most likely not.
#SupportHeForShe Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
TheGreatAndPowerfulOz< wrote:
Um, depending on how it's written, a software one can most likely be detected.
Yes, would be nice if you knew what you were looking for then :rolleyes: --edit There was an article about hooks on The Old New Thing, but I cannot find it at the moment.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
-
Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
- Block Office macros with Group Policy[^] (You'll probably need to download the Group Policy Administrative Templates for Office 2016[^]);
- Change the file association for
.js,.jse,.vbs,.vbeand.htafiles to open with Notepad by default; - Profit! :D
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
Cornelius Henning wrote:
I recently got an email with a Word attachment
Red flag #1
Cornelius Henning wrote:
that insisted I install Silverlight
And that's when you toss it in the spam folder.
Proud to have finally moved to the A-Ark. Which one are you in?
Author of the Guardians Saga (Sci-Fi/Fantasy novels) -
- Block Office macros with Group Policy[^] (You'll probably need to download the Group Policy Administrative Templates for Office 2016[^]);
- Change the file association for
.js,.jse,.vbs,.vbeand.htafiles to open with Notepad by default; - Profit! :D
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
Very nice of you to report your moment of fog on this, because if it could get an advanced tech user such as yourself (being a developer) it can definitely get other non-tech users. Sorry you went through that. EDIT BTW - I use VirusTotal - Free Online Virus, Malware and URL Scanner[^] for these types of things. Would love to see the results for your scan of that download.
-
Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
Daniel Pfeffer wrote:
Look on the bright side - at least you had the backup. Most non-professionals don't even have one.
:sigh: But in my defense, I use my home PC only for gaming and paying bills, and also I'm notoriously lazy.
There is only one Vera Farmiga and Salma Hayek is her prophet! Advertise here – minimum three posts per day are guaranteed.
-
Phishing email scam utilizes keylogger malware to steal sensitive information[^] I recently got an email with a Word attachment that insisted I install Silverlight in order to view the attachment. I did run the install in a moment of stupidity, but immediately realized my mistake. So I re-imaged my systems drive from a recent image to get rid of any potential malware. I also changed all my critical passwords with financial institutions.:mad: I have suggested it before, but I really wish we had a Security Forum on CP, where members can exchange data about such malware to benefit all of us.
Get me coffee and no one gets hurt!
-
..there does not have to be a specific forum for your question, if there's no category that fits than pick the closest thing to it. Then again, you are simply opening an unsafe document with macro's; you know how that works :) If you want to know whether you can detect a keylogger, the answer is no.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
Eddy Vluggen wrote:
If you want to know whether you can detect a keylogger, the answer is no.
Yes you can. A keylogger needs to register a hook with
SetWindowsHookExwin32 API. That said, although tricky, you can detect installed global hooks. And somebody has already done it: [GitHub - prekageo/winhook](https://github.com/prekageo/winhook). It would be a tricky task to monitor and detect legit from malware global hooks. But it is possible.To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson ---- Our heads are round so our thoughts can change direction - Francis Picabia
-
Well, again linux community is excluded from such an interesting software.
:laugh: Linux Ransomware Is Now Attacking Webmasters | TechCrunch[^] Ransomware meets Linux – on the command line! – Naked Security[^] New FairWare Ransomware targeting Linux Computers[^] Linux Ransomware and why everyone could be affected - Feature - PC Advisor[^] Linux and rise of Ransomware - Linux Audit[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
- Block Office macros with Group Policy[^] (You'll probably need to download the Group Policy Administrative Templates for Office 2016[^]);
- Change the file association for
.js,.jse,.vbs,.vbeand.htafiles to open with Notepad by default; - Profit! :D
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
-
I read about this yesterday on ZDNet, it's probably not a macro, but an image (install Silverlight) that points to a Visual Basic Script instead of a URL which installs the keylogger. Details: [^]
Which is why you change the
.vbsfile association to open with Notepad instead of WScript. :) Still doesn't hurt to disable macros, though, since some ransomeware still uses them.
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
