Tag Archives: Virus

Deadly Ebola Strain Could Infect Asian Bats

Ebola is a viral disease that has been a threat for more than a decade. Detected in Africa, this virus causes a serious haemorrhagic fever and has high fatality rates. There have been indications that it is from bats that these viruses infect humans, and a new study in Bangladesh lends this further credence.

Source of the Disease

Diseases like Ebola emerge periodically in human populations and, just as suddenly, disappear following an outbreak. This pattern owes itself to the virus being ‘zoonotic’—a virus that infects humans via another organism. Zoonotic diseases are hard to eradicate because we can’t immunize animals in the wild. This is why we have effective vaccines for measles (not zoonotic), but Ebola and the flu are always on the radar for health officials. Thus, a crucial step in studying zoonotic diseases is determining their primary hosts. One criterion for primary hosts is that the virus shouldn’t be too harmful to them. If it were, it would kill the host organism and would not be able to circulate for long periods of time, as it does. Humans are definitely not its primary hosts—each outbreak subsides soon after its origin because it is so lethal.

This innocuous virion is the cause of a deadly disease. [Image Source: wikipedia]

Ebola Virus in Bats

The organism which is the original reservoir of Ebola virus has not been known for certain, though previous studies have found a few species of bats infected with Ebola. Now, researchers have studied 276 bats in three regions of Bangladesh and identified antibodies against the Ebola virus in 4% of these, meaning that the bats have, at some point, been exposed to the Ebola virus. However, they haven’t found live virus in bats, which is the piece of evidence necessary to confirm that bats are a reservoir, i.e. a permanent ‘store’ of the virus.

What Does this Study Tell Us?

Bats harbouring antibodies for Ebola have already been found—what new information does this study yield? This study tested bats for 2 strains of the virus: the Reston strain, which has been seen in animals across the world (and has not caused human disease), and the more deadly Zaire strain, which has a whopping mortality rate of around 80% and was previously seen only in Africa. Antibodies for both these strains were found by this study, which means that a Zaire Ebola infectious outbreak in Asia remains a distinct possibility. How possible? We don’t know, until we have more evidence on the prevalence of the virus in its primary hosts.

This research was conducted by the EcoHealth Alliance. You can read about this study here.

Beware of Dark Knight Rises Leaked Torrents on the Internet

I am a big fan of the Batman franchise movies and have watched them the day they released. To be honest, I can’t wait to watch the latest in the series, “Dark Knight Rises”, on July 20. Dark Knight Rises is definitely going to break box office records all over the world. However, even before the movie has released, several torrent websites have filled up with fake torrents for the Dark Knight Rises.

Dark Knight Rises Movie Poster

While you might get into trouble legally for downloading the content, there is a high chance that the torrents available on the internet are infected with viruses and spyware which might put your computer at risk.


Back in 2010, Harry Potter Deathly Hallows Part 1 was leaked on torrent websites and was downloaded millions of times. That leak was potentially intentional because it left a good part of the movie out of the torrent, thus driving users back to the theatre to catch up on the rest of the movie. There were also several instances of fake torrents which infected users who downloaded them. The Dark Knight Rises torrents are fake and targeted towards gullible users who will be infected with malware and spyware.

While downloading torrents in itself is not illegal, it is always advisable to check your copyright laws before you download anything to your computer. While there are several tools which help you to download torrents anonymously, you should also use services which will tell you whether a torrent is infected or not.

And last but not the least, go ahead and check out some Dark Knight Rises Posters and Billboard ads and enjoy the Dark Knight Rises in theatres this week. It is definitely going to be worth it.

This Day MIGHT Just Be Your Last On The Internet [Editorial]

Does the name DNSChanger sound familiar? Well, I’m quite sure it wasn’t to many until recently, when the word went out on the web, thanks to the kinda-hyped initiative from ISPs and the FBI. Most infected users were incognizant of the threat of getting disconnected from the internet. So before we get down to solving the problem, let’s get a formal introduction to the threat it poses.


What is DNS?

As per Wikipedia,

The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. A Domain Name Service resolves queries for these names into IP addresses for the purpose of locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.

In plain English, DNS is an interpreter that translates human-understandable domain names into IP addresses readable by a computer server. So if it is absent, you are practically disconnected from the web unless you know the IPs for your daily Facebook and Twitter addiction. Think of a lone blind man in a blind alley. Without DNS, an internet user is just that blind person.

So what’s DNSChanger?

Known by many names (TDSS, Alureon, TidServ and TDL4 viruses), DNSChanger is malware that changes your DNS for malicious purposes. So typing a URL, instead of taking you to the original website, will show you an altered version that serves the purpose of the perpetrators, promoting fake and dangerous products. On November 8 last year, the FBI and Estonian police arrested individuals operating under the name “Rove Digital”. This unearthed “Operation Ghost Click” that, so far, has victimized around 570,000 (while experts place the number somewhere around 250,000) computers.

Why this sudden urgency?

While the incident is quite old, the good guys managed to hinder the actions of DNSChanger by running an alternate server for the Rove Digital botnet so that infected users may continue to enjoy proper DNS redirection until they find a cure for the disease. Under court order, these (two) servers will be down from today, and infected users won’t be able to browse the internet the way it actually works.

Cure for the Itch

The DNS Changer Working Group (DCWG) has a nice set of links which you can use to check if your computer is infected with DNSChanger and, if so, how to remove the DNSChanger malware. I’m not delving into more, as the steps/tools illustrated there are not so theatrical and any average Joe can get them done.

If you are late to fix it and you can’t just visit websites for a query, here’s an IP-based URL (74.125.45.100/search?q=dns+changer+working+group) where you can find answers to fix the DNS Changer malware.

What if I’m not so unlucky?

I’ve read a dozen pieces by now, and a hundred more updates on the social networks. That inspired me to come up with such a scary title for the article and as it may suggest ANY user might lose their much beloved internet connectivity. That’s a false underlying notion. Well, if you aren’t affected, YOU AREN’T GOING TO SUFFER. Keep enjoying the epic fail videos until the Internet really falls apart.

That’s one of the ugly sides of technology. The average user is hardly aware of the existence of the complex mechanisms that work in the background in order to make their computing tasks a breeze. So if anything goes wrong backstage, they are only worried if something in the performance behaves weirdly. And if it doesn’t, well, they hardly even feel that it actually happened. That’s the case with this security threat, which so far didn’t seem to be a trouble, although it had serious implications like disabling antivirus features to do what it was intended for.

The internet community has always been judgmental and several conspiracy theories are already out. As they point out, like the Y2K crisis, as anticipated, this DNSChanger issue won’t actually mean a doomsday for the internet users. Frankly, a few thousand strong infected users can hardly be a dent in a crowd of billions. However, if you are one of them, you have big reasons to worry and perhaps it will be wise to get it fixed and now is a great time to do that.

Flashback Trojan Infection Affects 600,000 Macs

Mac OS X has been devoid of any large scale viruses and Trojans for a long time now. However, of late as the popularity of Mac has grown, virus creators have started targeting the OS with new viruses. This is evident with the number of viruses and Trojans which are being written for Mac. Take for example the Fake Mac Defender Anti-Virus (removal instructions).

A recent investigation by a security group has found out that a new virus called Flashback has been infecting nearly 600,000 Macs globally. The latest variation of this virus has been targeting an unpatched Java vulnerability in Mac based PCs. The OSX Flashback Trojan connects to a remote server and downloads instructions and payload. Once the payload has been downloaded the malware will modify webpages in the web browser and try to collect personal and other information and send it back to their servers.

If you are a Mac user, the first thing you should do is apply the new patch supplied by Apple that patches this vulnerability. However, there is a chance that you might have been already infected by the Trojan.

F-Secure has put up some detailed instructions on their website to find out whether you are infected by the Flashback Trojan for Mac along with instructions to remove the OSX Flashback Trojan. You can visit this page to find instructions for removing Flashback Trojan and remove it from your system.

The detection and removal instructions are targeted towards advanced users so you might want to have someone familiar with Terminal taking a look at it for you.

Also, don’t forget to apply the latest update patch supplied by Apple. To do that, open the main system menu on your Mac by clicking on the “Apple icon” and click on the item “Software update”. Once the software update has checked for updates, apply any new patch/Java update that is available for your system.

We’ll try and post simpler detection and removal instructions for this shortly.

Check Out My Homemade Video Facebook Scam

Another new video scam is spreading on Facebook, where users are being enticed with names of celebrities and more to view a so-called "homemade video".

Homemade Video Facebook Scam

The Facebook scam is spreading with the following message and uses names of celebrities and friends as well.

OMG! CHECK OUT THIS? Check Out my homemade video, View the Suck Video of my Partner. My Sex Video for you. View My xXx Site. Watch H O T S 3 X Video happened On TV. freefreefri.us.mn.

The site in question fools the user by spoofing the Facebook website and asking users to disable their Antivirus software. However, DO NOT DO IT because the app may install virus or malware on your computer.

Clicking on the video link will download an executable which will spoof the VLC player and install viruses and Trojans on your computer. So stay away from it. There have been several other nasty video scams on Facebook lately, including the Justin and Selena bedroom hidden camera scam and Whitney Houston death scam, among others.

In addition to downloading virus/malware on your computer it will also post the message on your wall thus making your friends a target.

As a precautionary measure, always check which applications you use and remove unwanted or suspicious ones. If you aren’t sure how to do it, you can always check our guide on removing apps from Facebook. In addition to that, don’t forget to check out our article about Avoiding Facebook Lifejacking and Clickjacking scams.

With over 800 million users on Facebook, the social networking giant has always been the main target for spreading scams. It is quite difficult to identify scams on Facebook. Here is a post on How to Identify and Avoid Facebook Scams. Bookmark Techie Buzz Facebook Scams or Subscribe to Scam Alert Feed. We always keep you updated with the latest scams spreading on Facebook.

ARM Powered Windows 8 Tablets To Be Virus Free

Earlier today, president of the Windows and Windows Live division, Steven Sinofsky wrote a lengthy article detailing Microsoft’s development of Windows 8 for the ARM architecture.

As I still go through the article (it’s so long that I printed a copy), there is a lot of information hidden in the 8,600 word article which I will share in subsequent posts. However, the biggest news is that viruses that affect Windows 7 (and even Windows 8) won’t be compatible with Windows on ARM. According to Sinofsky:

  • WOA will not be able to run existing x86/x64 applications. In order to build applications for Windows on ARM, they will have to be developed using the WinRT architecture.
  • Apps that have been developed for WOA, using WinRT, will be only available through the Windows App Marketplace. The marketplace will act as a checkpoint for rogue applications.

The two steps ensure that a WOA device (primarily tablets) will not be as easily affected by the plethora of viruses that exist today. Talking about the issue in the article, Sinofsky says,

Our focus on delivering a new level of security for consumers using WOA is paramount. In one public event, we were asked if we would “make it easy for existing viruses and malware to run.” Now you can see the answer is decidedly, “no.”

I spoke with Windows hacker Rafael Rivera (of Within Windows fame) and he believes that unless a user roots his WOA device, his device is theoretically safe from virus infections. For Microsoft, Windows on ARM (WOA) is another version of Windows akin to Windows Server, Windows Phone or Windows Embedded. Microsoft is also expected to bundle their antivirus/antimalware tool–Security Essentials–with Windows 8.

99% People Cant even Watch This Video For More Than 25 Secs Facebook Virus

A new Facebook scam is spreading in various versions. This new scam is a version of an old one and has a signature similar to the 99% People Can’t See This Video scam, the 98 Percent of People Can’t Watch This Video for More Than 15 Seconds scam and the U.S. attacking Iran and Saudi Arabia World War 3 Virus.

Facebook 99% Can't Watch Video Scam

Clicking on the URL in the link will take you to a page which looks very similar to Facebook (see screenshot above) and asks you to install a Divx plugin to watch the video. Clicking on the install plugin button will download an extension or plugin for your browser which could snoop on your browsing habits and steal personal and important information from your PC.

This could also mean that the scammers have access to your banking and credit card information. So take this very seriously and do not click on those links.

There have also been a lot of other video scams spreading on Facebook including the Police Office Good Deed before dying scam, OMG This is what happened to his Ex Girlfriend and OMG!! Watch What Happened to His Ex Girlfriend when She Reveals a Secret. We urge you to stay away from links which are enticing as they might contain viruses and also spread the malware among your friends.


U.S. Attacks Iran and Saudi Arabia World War 3 Facebook Virus

A new scam message is spreading rapidly on Facebook, where users are spreading messages that might cause a lot of diplomatic problems. The scammers are spreading the new Facebook scam with a message saying that the U.S. is attacking Iran and Saudi Arabia and that it is the beginning of World War 3.

U.S. Attacks Iran Saudi World War 3 Virus

The message is spreading with the text:

U.S. Attacks Iran and Saudi Arabia. F**k :-(. [url]. The Begin of World War 3?

Clicking on the URL takes the user to a page which looks like CNN and has a video and some comments on the side. Clicking the play button on the video asks the user to download Adobe Flash Player 11.5 to play the video. However, instead of downloading Adobe Flash Player, the scammers download a virus to your computer.

We urge users to NOT CLICK ON THE LINK or DOWNLOAD anything to their computers.


Computer Virus Infects US Drones Predator and Reaper Cockpits

It has been discovered that the cockpits of two US drone fleets, Predator and Reaper, have been infected with a virus. The virus infection was discovered two weeks ago at the Creech Air Force base in Nevada. Since then, officials have been trying to remove the infection, but the virus keeps on coming back, reports WIRED.

The virus consists of a Trojan payload that logs the keystrokes of the pilot controlling the drones remotely. As you might know, these drones have been used extensively in spying as well as targeting enemy territory remotely and have been a great asset to the US Army.

It isn’t clear whether the infection is a result of a cyber-attack or whether it was just an accidental infection. Whatever the case may be, the virus has infected both unclassified as well as classified machines, and it is speculated that some confidential data might have gone outside of the military network.

Interestingly, this is not the first time that the Predator and Reaper fleet has come under security scrutiny. It was well known that these drones send video to their stations unencrypted. The US Army had previously found hours of drone video recording on computers seized from Iraqi insurgents.

Reuters has quoted an unnamed source saying that this infection hasn’t impacted overseas missions.

Fake Mac Defender ‘Anti-Virus’ For Macs On The Loose

One of the heavily criticized aspects of Windows OS has been its vulnerability to viruses. Its competitor, Mac OS, has been relatively safe from viruses up until now.

For the last couple of weeks, a piece of malware for Mac OS X has been on the loose, namely Mac Defender. This Trojan/malware spreads as a security application which will help users remove ‘viruses’ from OS X.


The application has a very polished look, and can easily deceive veteran Mac users as well. On the first launch, the application will falsely detect some of the files on your Mac computer as infected by virus. The application will also open pr0n websites on your Mac, making users think that their computer is infected by viruses.

The application will ask users to purchase the license of their application so as to remove advanced viruses. The 1 year license of the app costs a whopping $59.95, while the 2 year and the lifetime license costs $69.95 and $79.95, respectively. Once a user clicks on the Register button, he is taken to an unsecured website where he is asked to enter his credit card details.

Once the user enters his credit card details, he will be basically charged for software which actually infected his Mac. Other genuine anti-virus and anti-malware software for the Mac detect the Mac Defender app as a virus. However, looking at how rare viruses are for Mac, I doubt many Mac users would be using anti-virus software.

I will be writing a detailed step-by-step guide on how to remove Mac Defender virus from your beloved Mac, so stay tuned!