Protecting OS X from Trojans - Mac Life

Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps

submitted by thatshirtman to apple

Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps

submitted by mybitcoinalternate to Bitcoin

New trojan horse and variants operating on Mac OS X gather login credentials to steal Bitcoins

submitted by BTCNews to Bitcoin

Mac OS X Trojan steals processing power to produce Bitcoins

submitted by xylon to HackBloc

ZDNet.be: "Mac OS X trojan tries to steal bitcoins" (X-post /r/BitcoinNL)

submitted by DLSS to BitcoinBE

Mac OS X Trojan steals processing power to produce Bitcoins

submitted by BrooksTomlinson to TechNewsToday

Mac OS X Trojan steals processing power to produce Bitcoins

submitted by Jman59 to techsnap

Oh my: [Bitcoin]-Stealing Mac OS X Trojan Discovered (link) ...

submitted by AppStream to appstream

Bitcoin-Stealing OS X Trojan Now Masquerading as 'Angry Birds' and Other Popular Mac Apps

submitted by stringentthot to MacBitcoin

Starting from scratch with dual boot

I got a bitcoin mining trojan on my Windows 10 install which really seems to have screwed up the OSes. I'm experiencing freezes that glitch the mouse on both Windows and macOS, so I'm worried that the virus has potentially made some strange changes that affect both OSes. Not sure if that's the case, but as I've wanted to use macOS with OpenCore instead of Clover for a while, I'm now seeing this issue as an opportunity for starting from scratch.
What are the procedures for reinstalling both my Windows drive and macOS drive from scratch? Should I just use the USB drives for each system in order to remove the installations from there and just do a fresh install? Will the Clover EFI partition be removed when doing this? This is of course something that I want if I'm about to do an install with OpenCore instead.
submitted by tobey_g to hackintosh

Trojan malscripts; **what are they?**

in this post you will learn a little about publicly available information on malscripts
what is a trojan.malscript? -a quick google search turns up this result from 2014 (outdated?)
Search Results (Featured snippet from the web) Systems Affected: Windows - Trojan. Malscript is a heuristic detection for Web-based malicious script files that exploit vulnerabilities and/or perform heap spraying.-Sep 3, 2014- -Trojan.Malscript | Symantec- -https://www.symantec.com › security-center › writeup-
-not very clear!... let's try to learn some more!!.. *another quick google search gives up some information about other systems not just windows affected
-If we add keywords like linux we get varied results such as this (albeit, older but w/e)
Search Results (Featured snippet from the web) -Systems Affected: Linux, Mac, Solaris, Windows.- Trojan. Malscript. C is a generic detection for HTML files infected with a JavaScript that redirects the browser to a malicious Web site that may exploit the browser or download other malicious threats.-Jan 30, 2010- -Trojan.Malscript.C | Technical Details | Removing Help ...- -https://us.norton.com › trojan.malscript.c-2010-013011-2940-99-writeup.html-
so given a couple quick searches we can guess a bit -we need: *java *HTML *access to the internet somehow (could be by an offline file touching an online source; this puts the item at risk for "contracting" offline ai or crawling codes)
another way would be
*write a "safe" code on here on reddit but its gonna take me time since reddit allows this:
if 1 * 2 < 3: print("hello, world!")
this can be achieved by possibly writing a code to a site that had malscripts already deployed such as an embed code, or request in an "iframe"
  • A lot of people may remember sites such as:
https://www.xanga.com and various other places; *these places allowed HTML editing for themes and overall page layout -sites such as http://www.neopets.com etc. had/have this ability as well.

-these sites are great examples of how easy it could be to place an HTML or java malscript that was made to either be good/bad/both; especially now, given our extremely large usage of internet!
Sure; #scareme... what can a trojan.malscript do!
quick learned facts:
-exploits an available resource via internets (lol)
-is a form of 'script' (really generic term) that employs heuristic based approach; defined as and asked to google before:
What is a heuristic approach?- -“A heuristic technique, often called simply a heuristic, is any approach to problem solving, learning, or discovery that employs a practical method not guaranteed to be optimal or perfect, but sufficient for the immediate goals.-Feb 5, 2018- -Heuristic Approaches to Problem Solving- | -101 Computing- -https://www.101computing.net › heuristic-approaches-to-problem-solving-
-may perform heap spraying which is defined here
A heap spraying attack is a remote code execution exploit that allows the attacker to insert arbitrary code in the system's heap memory space. ... The spray is followed by exploit code that, when inserted into the heap memory, will exploit a weakness or vulnerability, allowing the code to execute on the system.-Aug 11, 2010- -Heap Spraying Buffer Overflow Attacks - Cisco.com- -https://tools.cisco.com › center › resources › security-alerts-announcement-
WAIT! isn't that good...or bad...or OMG wth! #notscared?scared?
it really depends 0.o
-why is there a malscript in the first place; this is a great place to start asking questions for any individual or business by asking what OS is being used and what version/type/grade/blahblah
I use windows xp, windows xp is a "unsupported"(mostly) os - I use it to dissect information. its wonderful! also sucks sometimes when the software is riddled with holes and various other "things" shoutout to Microsoft for updates in DEC 2019! x<.3
Windows xp pro sp3 5.1.2600
I use AVG anti-virus with highest settings and personal settings that the free version can have
get to know my computer better? #thisajoke??
Nah, over the years I've collected knowledge and some more common answers to basic questions in cyber security, questions like "what is a malscript"? have simple answers, mostly... things like these 5 objects can be defined as being malscript:
  • Anti-virus
  • Anti-malware
  • anti-execution mechanisms
  • any word processor may or may not be defined as malscript if it can "spell check" your work or place a timestamp
  • third party input/output mechanism; things such as mouses, sd, usb, cd, internet(s) that crawl for information like web.archive, bitcoin code, cryptocode overall if it has a weakness to malscripted behaviours
there are MULTIPLE other reasons, one such problem is:
mass-malware campaigns and adware from older computers attempting to propagate and control older versions of networks that no longer work as expected/coded to seek
^ this type of malscript "poorly planned, and hastily executed or outdated"; can have adverse impacts on the internet as a whole - not just for the computers expected to be impacted.
ok, malscripts. so what can #I do?
when approaching cyber security its easy to become overwhelmed by the amount of information that is available; to research; to dissect; to use as examples...
what the best thing anyone or a group can do?;
attempt to make an effort to learn about the item a bit before, using or expecting them to work a certain way; due to a biased info source like ones own
seek outside sources, but also be careful and use knowledge sought as knowledge that may or may not be "useful" for the current project or situation...
this post was an attempt to gain knowledge and some skills in writing and information sharing.
thanks everyone!
hope you enjoy my reading material!!
Have a Awwww-some new year!
ReachOutForBits recommends "useless" backup scanning after securely and safely removing identifiable information before scanning at https://www.virustotal.com before resell of computer or devices ; in order to avoid costly data blunders such as
ids/creds cloning
phonenumber collection
email collection
by persistent threats that are EXTREMELY HARD TO DETECT ; even penetrating some hardwares with advanced capabilities such as "sleeping" AI or, Run-mocking AI!
think of all the people who said AI will skynet us; maybe AI is just a stepping stone for some BAD F-IN MALWARE that someone has written that needs no C&C mechanism or user interaction at all - not the AI itself per se.
this is one form of persistent threat that needs to be identified to ensure non-tainted, verifiable, security information results into the future and beyond...
other threats include:
  • over-patriotic; otherwise defined as "EXTREMIST" - individuals of ANY COUNTRY, ANY RELIGION, ANY CREED, ANY BELIEF or OATH or CONSTITUTIONAL AGREEMENT.
  • fake bomb threats and faux-emergency calls
  • So called, anons, that gather in groups and communicate between each-other; effectively destroying the meaning of being ANON. singular noun
    the types of people(s) that write their own definition at urbandictionary and then proceed to agree together that thats it.
    • ahha, hah..hahahah...this is funnny....get this:
    -they also gather en-masse in attempts to overwhelm and proceed to cause irreparable cost or some form of damage - rarely peaceful anymore.
names like troll are no longer what they were, fictional characters under a bridge; troll is now Pseudonym for prankster(s) @ anycost
  • Crypto-currency Jackers who have designed tech to prevent proper payments and reward systems (at-source or in-transit) from being implemented; according to consensus.
  • Outdated, over-sourced(more than 10 downloads) malware
  • Junk and bloat that often comes preinstalled with no intention of caring whether or not the user will actually "use" it.
    this type of item hogs CPU/GPU and introduces ill timed updates that cannot be controlled!
submitted by killabell33 to MinimalistHacking

DXCHAIN: big data meets blockchain (development progress)

DxChain is the world's first decentralized big data and machine learning network powered by a computing-centric blockchain.
Let's discuss its development progress and project updates.
DxChain is now open source - debut of Godx
You guys may be wondering “What’s Godx? What are the contents and features of the open-source code? What does open source really mean?”
What’s Godx? Godx is a blockchain project written by the DxChain team using Go. Currently, it supports 64-bit Linux and MacOS operating systems. It not only implements the common blockchain ledger system, but also implements a large-scale distributed storage system. Compared to traditional storage service providers, Godx is based on the blockchain tech that can provide users with more transparent, secure and efficient distributed storage services.
How can I access Godx open source? DxChain’s full open-source code for testing Network 3.0 is hosted on DxChain’s GitHub. Click this link to get the code: https://github.com/DxChainNetwork/Godx
Why open source? In the blockchain world, code is law, and it forms the community consensus on the blockchain. From now on, the DxChain Godx project is open source, which means that any engineer familiar with the go language can access the code through the provided link. This allows them to review its internal implementation logic, verify and modify the code, and compile their own executable file. It also means that no Trojan or backdoor virus can hide in the program to ensure that the project runs in a completely open and safe environment. The DxChain team is willing to work with community members to maintain this code-based law and build a healthy developer ecosystem.
Currently, DxChain uses GitHub as a platform for all code development and management. Starting today, the code modification and upgrade of all subsequent DxChain project developments will be carried out in a completely open and transparent environment. We welcome the supervision and inspection of team members from the global community. We will use actions to prove that DxChain is serious about its open-source code. I hope that every technology enthusiast can provide us with more valuable suggestions in order to improve our decentralized storage ecosystem!
What’s inside the Godx open source code? The Godx project is written in the Go language and contains 1,706 Go source files, totaling 738,531 lines of code, developed by 8 main engineers. (For detailed indicators, please refer to GitHub statistics: https://github.com/DxChainNetwork/Godx/pulse) The main modules of the program include general blockchain templates such as account, consensus, core, miner, p2p, rpc and evm, in addition to storage contract modules such as storageclient and storagehost.
The high-quality code isn’t the only thing that makes this project outstanding. We believe that a clear and detailed document is equally as important in order to get developers started. The DxChain team provides community developers with detailed development updates and usage documentation. Throughout the project, use the tutorial found in the README.md document (https://github.com/DxChainNetwork/Godx). Developers can easily configure and install Godx code and experience DxChain storage and mining functions.
What are the features of the Godx project? The DxChain team has always been committed to using blockchain technology to provide solutions for data storage and computing problems. We will elaborate on the various futuristic tech innovations used in the project and bring you a taste of the future. This article will briefly introduce the following three aspects: EVM smart contracts, lightning network storage protocol and fast verification algorithm.
Compatibility with EVM Virtual Machine In the smart contract solution, the Ether-compatible virtual machine has 3 unique advantages. It is Turing complete, has DAPP development based on smart contracts, and its EVM platform is situated in the mainstream. The DxChain team has expanded ethereum’s original EVM and added a storage contract function while still being compatible with the original virtual machine commands. Therefore, developers can use both EVM and storage contract functions. The original Ethereum DAPP developers can directly compile the source code of their APP into Godx with almost no modification, which greatly reduces the development cost for the majority of developers.
Lightning Network Storage Protocol Since its launch, Lightning Network had the expectation to improve bitcoin transaction speed and scalability. In the algorithm of the offline file contract, the DxChain team also adopted a protocol similar to the lightning network channel. We call it the storage protocol. The storage protocol allows two parties who store the same file in the main chain to sign the contract, carry out the pledge fund and follow up on many detailed activities (such as uploading/downloading files) that can be implemented offline until the funds are settled by both parties. This means that even if there are huge files in the network that need to be stored, it can be quickly completed, without affecting the main chain, greatly improving storage performance and throughput efficiency.
Zero-second file storage verification algorithm Through the specially designed Merkle Tree algorithm, the DxChain team implemented a zero-second network-wide method based on file storage verification. Compared to other algorithms, this algorithm saves necessary network interaction time, so that the acceptance speed of large files can be kept within milliseconds. Through this verification algorithm, all file storage will be efficiently verified by the entire network, in order to eradicate hackers.
The DxChain project is unique because of the achievements and improvements made by our team of talented engineers. In the future, we aim to release a series of analytical articles to provide an in-depth explanation of DxChain’s open-source code. Please stay tuned!
Conclusion Finally, the DxChain team would like to thank all of the supporters who accompanied us. Godx Open Source showcased the transformation of DxChain from being a team leading project to one that is driven by the community.
Everyone is welcome to provide us with valuable comments or suggestions by reporting an issue on GitHub. Every bug report and algorithm proposal will help DxChain’s development. We look forward to developing with DxChain's global community in the future, building a win-win, healthy developer ecosystem with continuous technological innovation, and leaving a permanent mark on the blockchain world.
Please share your views and suggestions Here is the website link: https://www.dxchain.com/
submitted by TechnicalChaudhary to cloudstorage

OS X users beware: Download.com and MacUpdate.com distributing bitcoin-stealing malware!

Hey Reddit, just wanted to give you a heads up regarding some new developments in our investigation of OSX/CoinThief. Previously distributed under the names "BitVanity" and "StealthBit" on Github, the malware has also been distributed under the names "Bitcoin Ticker TTM" and "Litecoin Ticker" on both MacUpdate and CNET's Download.com.
We've got some initial information posted here and more information can also be found over at ThreatPost.
I'll try and keep you guys updated with new information as we find it!
Manual identification and removal instructions can be found here
submitted by nptacek to Bitcoin



According to a report prepared by US-based Radio Free Asia (RFA) and relayed by the South Korean news agency Yonhap, the Democratic People's Republic of Korea, a communist state suffering from bad publicity in the crypto space, will hold a cryptocurrency conference in Pyongyang in October.
The first Korean International Blockchain Conference will be a two-day event in the North Korean capital starting on October 1. According to the report, the conference will bring together experts from around the world. Participants are also expected to meet with representatives of North Korean state organizations on October 3.
A security expert, speaking on condition of anonymity, told the radio station that North Korea is trying to show off its capabilities when it comes to cutting-edge crypto and blockchain technologies.

New Hacking Allegations May Overshadow the Conference

News of the upcoming Pyongyang event comes after another report accusing the communist regime of exploiting digital security weaknesses in the West to obtain crypto capital illegally. Lazarus Group, a cybercrime organization generally linked to North Korea, has deployed new malware adapted to affect multiple operating systems.
Researchers at cybersecurity firm Kaspersky claim that the suspected North Korean hackers recently launched a new campaign called “Applejeus” using a trojan named Fallchill. The cryptocurrency-stealing software was discovered after it got into the IT systems of an unnamed cryptocurrency exchange in Asia.
The attack took place after one of the platform's employees downloaded an infected crypto trading application from a legitimate-looking website. Experts say the Fallchill trojan has been redesigned to target not only Windows PCs but also MacOS devices and possibly Linux machines.

North Korea's Crypto Dossier

This is not the first time North Korea has been accused of trying to get hold of stolen cryptocurrency. In March, Priscilla Moriuchi, a former NSA official for the Asia-Pacific region and a cybersecurity expert, said that North Korea obtained at least 11,000 bitcoin (BTC) through mining and hacking in 2017. At the time, the crypto fortune was estimated to be worth more than 200 million dollars.
Last year, the notorious Lazarus Group was implicated in attacks on South Korean cryptocurrency exchanges. According to intelligence sources in Seoul, North Korean hackers were involved in the breach of Bithumb, the country's largest crypto trading platform, in which personal data belonging to more than 30,000 users was compromised.
Having to deal with limited access to the global financial system, Pyongyang is also trying to take advantage of the opportunities that come with cryptocurrencies in terms of borderless and anonymous transactions. The seriousness of the Kim Jong-un regime's intentions to develop the country's potential in this space was confirmed by reports that Pyongyang University is running crypto courses.
Source: https://airdropsepeti.com
submitted by airdropsepeti to u/airdropsepeti

10 Most Dangerous Viruses in Internet History.

Getting a computer virus has happened to many users in some fashion or another. To most, it is simply a mild inconvenience, requiring a cleanup and then installing that antivirus program that you’ve been meaning to install but never got around to. But in other cases, it can be a complete disaster, with your computer turning into a very expensive brick which no amount of antivirus can protect.
In this list, we will highlight some of the worst and most notorious computer viruses that have caused a lot of damage in real life. And since people usually equate general malware like worms and trojan horses with viruses, we’re including them as well. These malware have caused tremendous harm, amounting to billions of dollars and disrupting critical real life infrastructure. Here are the 10 most famous and malicious computer viruses.


1. ILOVEYOU

The ILOVEYOU virus is considered one of the most virulent computer viruses ever created and it’s not hard to see why. The virus managed to wreak havoc on computer systems all over the world, causing damages totaling an estimated $10 billion. 10% of the world’s Internet-connected computers were believed to have been infected. It was so bad that governments and large corporations took their mailing systems offline to prevent infection.
The virus was created by two Filipino programmers, Reonel Ramones and Onel de Guzman. What it did was use social engineering to get people to click on the attachment; in this case, a love confession. The attachment was actually a script that posed as a TXT file, due to Windows at the time hiding the actual extension of the file. Once clicked, it would send itself to everyone in the user’s mailing list and proceed to overwrite files with itself, making the computer unbootable. The two were never charged, as there were no laws about malware. This led to the enactment of the E-Commerce Law to address the problem.

2. Code Red

Code Red first surfaced in 2001 and was discovered by two eEye Digital Security employees. It was named Code Red because the pair were drinking Code Red Mountain Dew at the time of discovery. The worm targeted computers with Microsoft IIS web server installed, exploiting a buffer overflow problem in the system. It leaves very little trace on the hard disk as it is able to run entirely in memory, with a size of 3,569 bytes. Once a machine is infected, the worm proceeds to make a hundred copies of itself, but due to a bug in the programming, it duplicates even more and ends up eating a lot of the system's resources.
It will then launch a denial of service attack on several IP addresses, famous among them the website of the White House. It also opens a backdoor on the server, allowing remote access to the machine. The most memorable symptom is the message it leaves behind on affected web pages, "Hacked By Chinese!", which has become a meme itself. A patch was later released and it was estimated that the worm caused $2 billion in lost productivity. A total of 1-2 million servers were affected, which is amazing when you consider there were 6 million IIS servers at the time.

3. Melissa

Named after an exotic dancer from Florida, it was created by David L. Smith in 1999. It started as an infected Word document that was posted up on the alt.sex usenet group, claiming to be a list of passwords for pornographic sites. This got people curious and when it was downloaded and opened, it would trigger the macro inside and unleash its payload. The virus will mail itself to the top 50 people in the user’s email address book and this caused an increase of email traffic, disrupting the email services of governments and corporations. It also sometimes corrupted documents by inserting a Simpsons reference into them.
Smith was eventually caught when they traced the Word document to him. The file was uploaded using a stolen AOL account and with their help, law enforcement was able to arrest him less than a week after the outbreak began. He cooperated with the FBI in capturing other virus creators, famous among them the creator of the Anna Kournikova virus. For his cooperation, he served only 20 months of his 10-year sentence and paid a fine of $5000. The virus reportedly caused $80 million in damages.

4. Sasser

A Windows worm first discovered in 2004, it was created by computer science student Sven Jaschan, who also created the Netsky worm. While the payload itself may be seen as simply annoying (it slows down and crashes the computer, while making it hard to reset without cutting the power), the effects were incredibly disruptive, with millions of computers being infected and important, critical infrastructure affected. The worm took advantage of a buffer overflow vulnerability in the Local Security Authority Subsystem Service (LSASS), which controls the security policy of local accounts, causing crashes to the computer. It will also use the system resources to propagate itself to other machines through the Internet and infect others automatically.
The effects of the virus were widespread because, while the exploit was already patched, many computers hadn’t been updated. This led to more than a million infections, taking out critical infrastructure such as airlines, news agencies, public transportation, hospitals, etc. Overall, the damage was estimated to have cost $18 billion. Jaschan was tried as a minor and received a 21 month suspended sentence.

5. Zeus

Zeus is a Trojan horse made to infect Windows computers so that it will perform various criminal tasks. The most common of these tasks are usually man-in-the-browser keylogging and form grabbing. The majority of computers were infected either through drive-by downloads or phishing scams. First identified in 2009, it managed to compromise thousands of FTP accounts and computers from large multinational corporations and banks such as Amazon, Oracle, Bank of America, Cisco, etc. Controllers of the Zeus botnet used it to steal the login credentials of social network, email and banking accounts.
In the US alone, it was estimated that more than 1 million computers were infected, with 25% in the US. The entire operation was sophisticated, involving people from around the world to act as money mules to smuggle and transfer cash to the ringleaders in Eastern Europe. About $70 million was stolen and in possession of the ring. 100 people were arrested in connection with the operation. In late 2010, the creator of Zeus announced his retirement but many experts believe this to be false.

6. Conficker

Also known as Downup or Downadup, Conficker is a worm of unknown authorship for Windows that made its first appearance in 2008. The name comes from the English word configure and a German pejorative. It infects computers using flaws in the OS to create a botnet. The malware was able to infect more than 9 million computers all around the world, affecting governments, businesses and individuals. It was one of the largest known worm infections to ever surface, causing an estimated $9 billion in damage.
The worm works by exploiting a network service vulnerability that was present and unpatched in Windows. Once a machine is infected, the worm will reset account lockout policies, block access to Windows update and antivirus sites, turn off certain services and lock out user accounts, among many other things. Then, it proceeds to install software that will turn the computer into a botnet slave and scareware to scam money off the user. Microsoft later provided a fix and patch, with many antivirus vendors providing updates to their definitions.

7. Stuxnet

Believed to have been created by the Israeli Defence Force together with the American Government, Stuxnet is an example of a virus created for the purpose of cyberwarfare, as it was intended to disrupt the nuclear efforts of the Iranians. It was estimated that Stuxnet has managed to ruin one fifth of Iran’s nuclear centrifuges and that nearly 60% of infections were concentrated in Iran.
The computer worm was designed to attack industrial Programmable Logic Controllers (PLC), which allows for automation of processes in machinery. It specifically aimed at those created by Siemens and was spread through infected USB drives. If the infected computer didn’t contain Siemens software, it would lay dormant and infect others in a limited fashion as to not give itself away. If the software is there, it will then proceed to alter the speed of the machinery, causing it to tear apart. Siemens eventually found a way to remove the malware from their software.

8. Mydoom

Surfacing in 2004, Mydoom was a worm for Windows that became one of the fastest spreading email worms since ILOVEYOU. The author is unknown and it is believed that the creator was paid to create it since it contains the text message, “andy; I’m just doing my job, nothing personal, sorry,”. It was named by McAfee employee Craig Schmugar, one of the people who had originally discovered it. ‘mydom’ was a line of text in the program’s code (my domain) and, sensing this was going to be big, he added ‘doom’ into it.
The worm spreads itself by appearing as an email transmission error and contains an attachment of itself. Once executed, it will send itself to email addresses that are in a user’s address book and copy itself to any P2P program’s folder to propagate itself through that network. The payload itself is twofold: first it opens up a backdoor to allow remote access and second it launches a denial of service attack on the controversial SCO Group. It was believed that the worm was created to disrupt SCO due to conflict over ownership of some Linux code. It caused an estimated $38.5 billion in damages and the worm is still active in some form today.

9. CryptoLocker

CryptoLocker is a form of Trojan horse ransomware targeted at computers running Windows. It uses several methods to spread itself, such as email, and once a computer is infected, it will proceed to encrypt certain files on the hard drive and any mounted storage connected to it with RSA public key cryptography. While it is easy enough to remove the malware from the computer, the files will still remain encrypted. The only way to unlock the files is to pay a ransom by a deadline. If the deadline is not met, the ransom will increase significantly or the decryption keys will be deleted. The ransom usually amounts to $400 in prepaid cash or bitcoin.
The ransom operation was eventually stopped when law enforcement agencies and security companies managed to take control of part of the botnet operating CryptoLocker and Zeus. Evgeniy Bogachev, the ring leader, was charged and the encryption keys were released to the affected computers. From data collected from the raid, the number of infections is estimated to be 500,000, with the number of those who paid the ransom at 1.3%, amounting to $3 million.

10. Flashback

Though not as damaging as the rest of the malware on this list, this is one of the few pieces of Mac malware to have gained notoriety, as it showed that Macs are not immune. The Trojan was first discovered in 2011 by antivirus company Intego as a fake Flash install. In its newer incarnation, a user simply needs to have Java enabled (which is likely the majority of us). It propagates itself by using compromised websites containing JavaScript code that will download the payload. Once installed, the Mac becomes part of a botnet of other infected Macs.
The good news is that if a Mac is infected, the infection is simply localized to that specific user’s account. The bad news is that more than 600,000 Macs were infected, including 274 Macs in the Cupertino area, the headquarters of Apple. Oracle published a fix for the exploit, with Apple releasing an update to remove Flashback from people’s Macs. It is still out in the wild, with an estimated 22,000 Macs still infected as of 2014.
submitted by bogdan9409 to u/bogdan9409 [link] [comments]

What entity manages .com, .net, .gov, .us, .cn domains?

For the longest time I still have not a clue how this works. I am not sure if this is the right subreddit or something like networking.
This is all I understand so far about the web (or internet?), computers, and electronics in general (it's super long, just skip to the bold part if you need to).
Okay, but who manages the .info, .com, .net, .cn, .rs, and .gov top level domains?
There are obviously some domains that are specific to countries, and are most likely managed by that country's government entity (e.g. .us for USA? .ws for Russia, .cn for China), but they aren't nearly as popular as the .net and .com domains.
.Org and .gov are US? government-regulated top level domains to my knowledge, where .org is mostly nonprofit. The U.S.A. uses .gov domains for its government organizations.
So I understand that some countries' governments manage that domain. But what about public top level domains, like .com, .info, .net, .ca?
Who manages the database for those? Who gives authority to godaddy for those domains for rent? Who mediates copyright conflicts for those domains? (E.G. say my name is Mike Cro Soft, and I wanted to rent a domain called mikecrosoft, but get DMCA'd / copyrighted by microsoft.com)
Like, what are the big organizations mediating internet protocols and legislation on a global scale?
Who or what has access to the biggest picture of the web, and its workings and backend?
Sorry for the long wall of text, I've been missing some vital information on how the web (or is it internet?) works.
Disclaimer: I don't take CS classes and did not major in computer science, so I might be really off in what I understand about the internet as a whole. Most of this is just what I learned from browsing Reddit and YouTube.
Apologies in advance if I butchered a bunch of terms and how things work. I just wrote things as they randomly came to me.
submitted by Rubick555 to AskComputerScience [link] [comments]


An anonymous reader writes "SecureMac.com has discovered a new trojan horse for Mac OS X called OSX/CoinThief.A, which spies on web traffic to steal Bitcoins. This malware has been found in the wild, along with numerous reports of stolen coins. The malware, which comes disguised as an app to send and receive payments on Bitcoin Stealth Addresses, instead covertly monitors all web traffic in ...

SecureMac has discovered a new Trojan Horse called OSX/CoinThief.A, which targets Mac OS X and spies on web traffic to steal Bitcoins. This malware has been found in the wild, and there are multiple user reports of stolen Bitcoins. The malware, which comes disguised as an app to send and receive payments on Bitcoin Stealth Addresses, instead covertly monitors all web browsing traffic in order ...

A new Mac OS X trojan horse that monitors web browsing traffic in order to steal Bitcoins has been discovered by SecureMac. The trojan, called OSX/CoinThief.A, is disguised as an innocuous Bitcoin ...

Last weekend it became known that OS X computers had, for the first time, been infected by working so-called ransomware. Ransomware is an extortion ...

A newly identified Mac OS X Trojan bundles a component that leverages the processing power of video cards (GPUs) to generate Bitcoins, a popular type of virtual currency.
