PSA: Malware Alert
Via anjak_j:
There is some particularly nasty rootkit malware being passed around LJ via comments.
In some of these comments there is an embedded video, in others there is just a link. A lot of them seem to be appearing as spam comments - I've already received three such comments on various communities I have maintainer privileges for - but there have also been cases where this nasty has used hijacked LJ accounts to make the comment seem more genuine - warning of content theft, etc. (For example: "Your YouTube content has been stolen.")
The common denominator is that these all lead to YouTube videos, and some of these links are infected with this rootkit - malware that can infiltrate a computer, steal personal information (such as online banking and other log-in credentials), and in some cases hijack Internet connections.
If you receive such a comment on LJ, DO NOT click on the link or start the video. Delete the comment and report it to LJ.
This post comes with all the usual Internet security admonitions:
- Keep your OS up-to-date by installing any relevant updates.
- Keep your anti-malware tools up-to-date and ensure they have the most recent definitions available.
- Actually use said tools. (This sounds like it goes without saying, but you'd be surprised...)
- Keep your browser and add-ons up-to-date.
- "If it looks dubious, it probably is." The first line in Internet security is being careful of what you click.
- Non-Windows OSs... not all rootkits discriminate, so make sure your security is up to the job. (Even when malware does discriminate, it won't win you any friendship points with your Windows-using friends if your computer harbours malware designed for Windows and passes it on. Sophos found that 20% of the 100,000 Mac computers scanned for a 2012 report harboured malware dangerous to Windows computers and their users.[citation])
There is some particularly nasty rootkit malware being passed around LJ via comments.
In some of these comments there is an embedded video, in others there is just a link. A lot of them seem to be appearing as spam comments - I've already received three such comments on various communities I have maintainer privileges for - but there have also been cases where this nasty has used hijacked LJ accounts to make the comment seem more genuine - warning of content theft, etc. (For example: "Your YouTube content has been stolen.")
The common denominator is that these all lead to YouTube videos, and some of these links are infected with this rootkit - malware that can infiltrate a computer, steal personal information (such as online banking and other log-in credentials), and in some cases hijack Internet connections.
If you receive such a comment on LJ, DO NOT click on the link or start the video. Delete the comment and report it to LJ.
This post comes with all the usual Internet security admonitions:
- Keep your OS up-to-date by installing any relevant updates.
- Keep your anti-malware tools up-to-date and ensure they have the most recent definitions available.
- Actually use said tools. (This sounds like it goes without saying, but you'd be surprised...)
- Keep your browser and add-ons up-to-date.
- "If it looks dubious, it probably is." The first line in Internet security is being careful of what you click.
- Non-Windows OSs... not all rootkits discriminate, so make sure your security is up to the job. (Even when malware does discriminate, it won't win you any friendship points with your Windows-using friends if your computer harbours malware designed for Windows and passes it on. Sophos found that 20% of the 100,000 Mac computers scanned for a 2012 report harboured malware dangerous to Windows computers and their users.[citation])