[SC-Help] Re: Assume miles for wireless router range.

John E. Malmberg wb8tyw at qsl.network
Fri Mar 10 13:35:06 EST 2006


In article <NN3aNusoprZD at eisner.encompasserve.org>,
wb8tyw at qsl.network (John E. Malmberg) writes:
> There is a posting on the webforum about "Spamcop after virus / spyware
> attack" where it appears that the cause was an insecure wireless router.

As another data point, if a hacker has access to an insecure wireless router,
it may be possible that those hackers got full access to the hard drives of the
connected systems.

With that type of access, they can install malware that does not need to
propagate by viruses, and as such is not detectable by any scanner that looks
for patterns.

They can also replace the scanner programs with spoofs, which from what I
understand is one of the tricks that malware has been doing for years.

So at this point, since spam is still being sent, it must be assumed that
the computers have been taken over by unknown programs.

The only reliable fix in this case is to reload all files from known good media,
which on modern PCs can require a trip to an authorized repair center, because
if you did not make the full recovery CDs or DVDs before the infection, you no
longer have any reliable way to restore the PC to a clean state.  Only an
authorized repair center has that information.

There is no safe way for a non-technical user to recover any information off
of infected hard drives.  That needs to be done by someone with the technical
expertise to sort out the files that cannot contain an infection, and can be
very time-consuming and expensive.  There are tools that can replicate
documents that may have malware hidden in them without replicating the
malware.

It also has to be assumed that whoever put the malware on the computer has
access to any information that has ever been displayed or entered in that
computer.

This means that critical passwords, bank account numbers, PINs, tax
information may have been stolen, and the attacker may have access to the
bank and credit/debit cards of the system owner or the easy ability to do
identity theft.

-John
wb8tyw at qsl.network
Personal Opinion Only