  1. #1
    Untangler
    Join Date
    Aug 2009
    Posts
    49

    Stopping fake "antivirus" programs

    Hi all

    Every now and then one of our computers gets hit with one of those fake antivirus programs. The latest is the "windows xp recovery" one.

    Is it possible to stop these via untangle antivirus or even another of the UT modules?

    thanks
    Tracy

  2. #2
    Untangle Ninja sky-knight
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,095

    Most of these buggers are getting in via out of date Java installations, or ancient non-updating Acrobat Reader 8.0 installs.

    Untangle's AV helps, as does strong desktop AV. But if you want to prevent them, update your stuff.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Master Untangler
    Join Date
    Jul 2010
    Posts
    286

    Quote: Originally Posted by sky-knight
    Most of these buggers are getting in via out of date Java installations, or ancient non-updating Acrobat Reader 8.0 installs.

    Untangle's AV helps, as does strong desktop AV. But if you want to prevent them, update your stuff.
    Very true.

    Most people just click "No, don't update" and ignore the fact that updates are important.

  4. #4
    Untangle Ninja f1assistance
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    1,495

    Social Engineering Just Works!

    If users have unhindered access to the interweb along with permission to run/install, and you marry this with their curiosity and compulsive need to click, malicious software taking up residence on that machine cannot be stopped...
    I personally appreciate SSL/TLS for my own privacy, but am concerned and frustrated with the lack of visibility and control realized as an admin.
    It's the age-old game of cat and mouse with no end in sight...stay tuned as the saga continues.

  5. #5
    Master Untangler
    Join Date
    Jul 2010
    Posts
    286

    Quote: Originally Posted by f1assistance
    If users have unhindered access to the interweb along with permission to run/install, and you marry this with their curiosity and compulsive need to click, malicious software taking up residence on that machine cannot be stopped...
    I personally appreciate SSL/TLS for my own privacy, but am concerned and frustrated with the lack of visibility and control realized as an admin.
    It's the age-old game of cat and mouse with no end in sight...stay tuned as the saga continues.
    Good thing Ubuntu is free and has MORE support than ever before!

  6. #6
    Untangle Ninja sky-knight
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,095

    A change in OS will not cure the end user of bad habits. I don't care how good it is, the threats will simply change to match the new paradigm.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Newbie
    Join Date
    Jun 2010
    Posts
    7

    Also, given the fact that Java runs on *nix as well, there are cross-platform attacks. I can't help but feel a bit of schadenfreude with the recent wake-up call Mac users have gotten from Mac-specific malware.

    The big 3 to patch or disable are Java, Flash Player and Acrobat (and/or Reader). Truly any PDF handler if you wish to be honest; Adobe just has more attack vectors than others, but none are fully immune from a malicious PDF. Taking simple steps to disable Java, opening 3rd-party files and multimedia content (all are enabled by default) within your PDF handler goes a long way towards protecting against the "next" wave of PDF-based attacks.

  8. #8
    Master Untangler
    Join Date
    Aug 2008
    Posts
    639

    I actually got hit with one of these for the first time today. Looks like AndroidCentral is under attack and spreading malware.
