Big Suggestion

[kudzu23]

Two weeks ago, I was researching on the web, and I clicked on a link to a website and it installed a trojan on my machine. I instantly knew something was wrong, an icon popped up on my desktop called Kill and Clean, and something popped up in systray that said my system might be comprimised. The message was actually from the trojan, trying to get me to click it so that it could install other programs.

After hours of trying to clean my system throughly of this trojan, my system was still behaving very strangely so I decided to completely reinstall windows.

Then I get a call the next morning from my credit union, asking about a bunch of charges on my debit card, wanting to know if they were made by me. Turns out, someone in China had emptied out my bank account.

Apparently, the trojan mined my "saved form information" from the browser, which contained my debit card information from making online purchases. So, if you use a web browser and make online purchases, MAKE SURE IT DOES NOT SAVE YOUR FORM INFORMATION. I use firefox and it has it enabled by default. If yours is enabled, clear out the saved information and disabled it.

I did end up getting my money back, after filing a police report, getting forms notorized, several calls back and forth with my credit union.

Sort of off topic, last night, someone performed a UDP flood attack from our server at work (Denial of Service attack). Turns out, someone in China had hacked our server and used it to perform DOS attacks. What is it with the Chinese? Seems like everytime I see something malicious with technology, it points right to them. Not trying to be prejudice, but I highly doubt American kiddies over here are trying to hack into their servers or try to steal their credit card information. Grrrrr...

[Guest]

Wow, that sucks. But good thing you were able to get your money back.

Quote:

---

I use firefox and it has it enabled by default. If yours is enabled, clear out the saved information and disabled it.

---

I also use firefox, but I couldn't find where it saves your information. Is it under the "saved passwords" option?

[kudzu23]

I have version 1.5.0.4, and the config is a little different than the older version.

Its under the Privacy Section, on the Saved Forms tab, and uncheck the box. Then there is a button at the bottom that says Clear Saved Form Data Now.

You might want to upgrade if you dont have the latest, probably increases security.

[Lascar78]

yeah I never let it save any of my info, although I do let it save my passwords for unimportant things.

So what kind of porn were you researching?

[clrumph]

I am forced to use Internet Explorer here at work (even though I would prefer to use Firefox instead) and since I mostly browse the internet at work so how do I remove the saved passwords from Internet Explorer?

[kudzu23]

Go to Tools -> Internet Options

Click on the Content tab

In the Personal Information section, click on Auto Complete, and choose the settings you want

[Plastic Man]

thanks for the "heads up". advice heeded.

[Admin]

Its not safe to download anything from crack websites anymore as I have gotten a trojan on 2 different PCs that have required re-formatting both of them in the last month. Since then I have gone to using VM Ware to download anything just in case because the trojans cant get into my system through VM Ware.

Glad you got your money back though!!

[AHF]

Quote:

---

Its not safe to download anything from crack websites anymore

---

What are crack websites?

[Admin]

Websites that offer cracked serial numbers for programs so that you can "test" the programs out yourself before deciding to buy them.

[AHF]

Quote:

---

Websites that offer cracked serial numbers for programs so that you can "test" the programs out yourself before deciding to buy them.

---

Interesting. Clearly I am not at risk for getting a trojan that way!

[Buzzard]

Quote:

---

What is it with the Chinese? Seems like everytime I see something malicious with technology, it points right to them. Not trying to be prejudice, but I highly doubt American kiddies over here are trying to hack into their servers or try to steal their credit card information. Grrrrr...

---

Its probably not kiddies stealing your money but a much larger organization. Seems that gamers can also pay others in China to continue play so they can build up their characters. Found this out from my nephew and from what he said its as common as apple pie.

People are extremely poor in China and the ones actually doing the work are quite possibly living in a prison or shack somewhere; while the actual "organization" who owns the computers takes in the big bucks.

[frosgrim]

First, thanks for the heads up.

Its not just China, there are some serious hackers in Russia as well. One of the things I did to make money while in grad school was set up and maintain my department's server and computer lab. We got hit at the end of the semester with a truely malicious worm that destroyed the entire RAID on the server. There was a little DOS hack that after they scanned the server for credit card information they made the head of the disk reader continuously hit one spot on the hard drives, completely destroying them. It was a nightmare since it was the end of the semester and everyone needed files off the server. I had a back up from the day before but getting files to people was tough. Many days with a few hours of sleep.

Those Russians actually tried hitting us again about six months latter, but I was on the server at the time. I just pulled the power cord!

[joannes3000]

If you haven't looked, there's a really good extension for Firefox that prevents ALL scripts from running. You actually have to enable websites to run scripts on them. Don't know how helpful it would be against people that are hellbent on hacking, but it should make it a little bit harder.