Thursday, January 24, 2013


Some of you may recall a fairly recent article on the FBI virus. This virus locks your computer and displays a message that says the FBI is aware that your computer has been used for some “illegal activities.” The virus then demands that you pay an outrageous fine or risk prosecution. You either pay the fine (which, unsurprisingly, doesn’t unlock your computer) or pay someone like me to set your computer free.

I’ve long wondered where my clients were getting this infection; we are still seeing 5 or 6 cases per week at the shop. My interest was piqued recently when newswires were abuzz about an “exploit” that was found in Java software. Java is a piece of software made by Oracle that is essentially a miniature operating system running inside your operating system (such as Windows) and inside internet browsers on Windows and Mac computers. If you’ve ever played the popular web-based game “Words With Friends” or played games on the popular website “Pogo,” you’ve seen Java in action.

Java is not a native part of Windows so it has to be installed as an add-on to your computer’s internet browser. There is a separate Java add-on for Internet Explorer, Firefox, Chrome and Safari (the browser used on Macs). All of these are susceptible to the exploit I’m about to tell you about.

Okay, now that you know everything you ever need to know about Java, let me tell you why you should avoid it if you can -- and why you probably can. Headlines around the world warned users that up to 850 million computers were at risk from a crimeware program that was discovered on the black market. It seems that thieves can purchase this program for about $5000 and insert it into their own websites, or even hack legitimate websites and insert their illegitimate code there. Then along comes an unsuspecting website visitor and BAM! They get a scary message from “The FBI.”

The headlines were just a bit sensationalized. The risk of getting this virus is minimal for any given user but is a problem for society as a whole and especially businesses with many computers. The FBI infection is just the tip of the iceberg. There are many ways to utilize this crimeware to pilfer money from innocents.

The fact is that Java is not as widely used as it once was, and most users can probably get by without having the program installed at all. My recommendation is to remove or disable Java unless you have a specific use for it. If you discover later that you really do need Java, it is trivial and free to download and reinstall. Be aware that many people confuse Java with JavaScript. Most websites use JavaScript, a powerful scripting language that helps make sites interactive -- so leave that alone.

To disable Java on your computer, follow the steps in this article from ZDNet.
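The ZDNet steps the column points to are the point-and-click way. As an added example that is not from the column, here is a PowerShell script that does the same check and change from the command line, which is handier for a business with many computers. It assumes Windows with Java 7 Update 10 or later, where the Java Control Panel’s “Enable Java content in the browser” switch is stored as `deployment.webjava.enabled` in the user’s `deployment.properties` file under `AppData\LocalLow\Sun\Java\Deployment`, and it uses the `JavaSoft` registry keys the Oracle installer writes to tell whether Java is installed at all. Run it with no arguments to audit; add `-Disable` to turn the plugin off.

```powershell
<#
  Added example, not part of the column: audit (and optionally turn off) the
  Java browser plugin for the current Windows user.
  Assumptions: Java 7 Update 10 or later, which added the Java Control Panel's
  "Enable Java content in the browser" switch and records it as
  deployment.webjava.enabled in the user's deployment.properties file.
  Usage:  .\Disable-JavaPlugin.ps1            (audit only)
          .\Disable-JavaPlugin.ps1 -Disable   (apply the change)
#>
param([switch]$Disable)

$propsPath = Join-Path $env:USERPROFILE 'AppData\LocalLow\Sun\Java\Deployment\deployment.properties'
$jreKeys = @(
    'HKLM:\SOFTWARE\JavaSoft\Java Runtime Environment',
    'HKLM:\SOFTWARE\Wow6432Node\JavaSoft\Java Runtime Environment'
)

# 1. Is a Java runtime installed? The Oracle installer records CurrentVersion here.
$versions = @(foreach ($key in $jreKeys) {
    if (Test-Path $key) { (Get-ItemProperty -Path $key).CurrentVersion }
}) | Where-Object { $_ }
if (-not $versions) {
    Write-Host 'No Java runtime found; there is no browser plugin to disable.'
    return
}
Write-Host "Java runtime installed: $($versions -join ', ')"

# 2. Read the current plugin setting. If the key is absent the plugin is enabled
#    (Java's default), which is exactly the state the column advises against.
$lines = @()
if (Test-Path $propsPath) { $lines = @(Get-Content -Path $propsPath) }
$current = 'true'
foreach ($line in $lines) {
    if ($line -match '^\s*deployment\.webjava\.enabled\s*=\s*(\S+)') { $current = $Matches[1] }
}
if ($current -eq 'false') {
    Write-Host 'Java content in the browser is already disabled.'
    return
}
Write-Host 'Java content in the browser is ENABLED.'
if (-not $Disable) {
    Write-Host 'Re-run with -Disable to turn it off, or use the Java Control Panel (Security tab).'
    return
}

# 3. Rewrite the file with the switch off, keeping every other setting intact.
#    Java reads this file as ISO-8859-1, so write plain ASCII rather than
#    PowerShell's default UTF-16 output. The switch covers every browser that
#    loads the plugin, so it does not need repeating per browser.
$updated = @($lines | Where-Object { $_ -notmatch '^\s*deployment\.webjava\.enabled\s*=' }) +
           'deployment.webjava.enabled=false'
New-Item -ItemType Directory -Path (Split-Path $propsPath) -Force | Out-Null
Set-Content -Path $propsPath -Value $updated -Encoding Ascii
Write-Host 'Java content in the browser disabled. Restart any open browsers for it to take effect.'
```

Because the setting lives in the user’s profile, the script must be run as each user whose browser you want covered; if the Java Control Panel is open while it runs, close the panel first, as the panel rewrites the same file on exit. Reinstalling or updating Java leaves the setting in place, which is the behaviour you want once you have decided the machine does not need browser Java.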


Anonymous said...

Who is thieving the thieves at $5,000 a pop?!

Anonymous said...

Or thieving from the thieves. Please excuse my poor language skills, as I am simple-minded.

Seriously though... $5,000?! What is the scope of this underground industry?

Anonymous said...

This is not just an "FBI" virus. It is a "police" virus, anywhere in the world, and in many languages. Actually, it's not much of a virus, as it doesn't take much to remove it. And shame on you for not telling people how.

Jim Fisher said...

Locally, I've only seen "FBI" graphics and, less often, "Justice Department."

I disagree about the "easy" removal. When this was new and fresh, it was really easy to remove--just start up in Safe Mode and run any number of spyware removal apps such as MalwareBytes Antimalware. But the thieves have gotten impressively clever. Removal now involves making a boot CD or boot Flash Drive, running HitMan or making a bootable Ubuntu to remove deeply embedded files. That is not something my average reader can do by themselves.

Trying to explain all that in one 500-word (no more, no less) column is a bit of a challenge and will generally put my readers to sleep. My point was to get the message out there to NOT pay the thieves $300 bucks. MANY of my clients have done exactly that.
