At Wed, 9 Dec 2009 16:18:35 -0500 Michael Billingsley <michaelb at sover.net> wrote: > > MIME-Version: 1.0 > > ** Be sure to fill out the survey/skills inventory in the member's area. > ** If you did, we all thank you. > > > > > > Hi Everyone > > I know this isn't likely your area of expertise, but you might know > somebody in computer security (or cyber-terrorism) so please pass > this along. > > There might be a very new slave-bot operation starting right now, out > of server 193.219.117.80 - 99 (Grigorescu, Romania). > > The operation is disguised as a Facebook Login Update > implementation... very slick. Facebook users will get an email > saying "In an effort to make your online experience safer and more > enjoyable, Facebook will be implementing a new login system that will > affect all Facebook users." > > The perpetrators are using TeamViewer remote access to breach > firewalls and slave unsecured PC's and Macs. Blatant... and if you > don't know what this means, it means that they will plant a small > piece of seemingly quiet software in your computer making it possible > for someone in another country to operate your computer while you're > not. They can enter it, examine the files, plant more stuff and make > your computer do their bidding. > > This may be the prelude to a denial-of-service-attack where somebody > needs a lot of computing power, and has hired Romanian computer thugs > to line up the processors. I think a lot of money might have gone > into this. > > If you have access to any computer security networks (I don't) and > can warn folks, I'd appreciate it. I could not reach Facebook > directly because they don't (stupidly) provide an access address... > as does Google... for phishing attempts, etc. But this may be > bigger than that. Facebook was just picked because it's so > ubiquitous, and these folks apparently want a LOT of fast personal > computers on hand for... uh... whatever. It remains to be seen. > > Iran, perhaps - hoping to overpower its own external Internet > traffic? Or somebody actually wanting to "stop" an entire > government, or maybe a "simple" widespread criminal enterprise. > Can't tell. But my radar tells me this could be very problematic > for somebody - and certainly you if your computer is compromised in > this fashion. Nah, it is most likely just standard spambots with the usual scam products. > > Don't respond to such a Facebook email, or click on the connecting > button contained in it. Right, facebook, paypal, or banks, etc. don't change your password and then send you e-mail with any sort of attachment with a program to run. Take it as given that any such E-Mail message is bogus. > > Michael Cerulli Billingsley > Straight Arrow Recordings > Location Recording - CD Mastering - Sound F/X and Solutions > The Cotton Mill, Brattleboro, VT 05401 > 802-254-3975 > > MIME-Version: 1.0 > > _______________________________________________ > Hidden-discuss mailing list - home page: http://www.hidden-tech.net > Hidden-discuss at lists.hidden-tech.net > > You are receiving this because you are on the Hidden-Tech Discussion list. > If you would like to change your list preferences, Go to the Members > page on the Hidden Tech Web site. > http://www.hidden-tech.net/members > > -- Robert Heller -- 978-544-6933 Deepwoods Software -- Download the Model Railroad System http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows heller at deepsoft.com -- http://www.deepsoft.com/ModelRailroadSystem/