Scumbag malware authors exploit Virginia Tech tragedy
Camera phone footage ruse leads to Trojan depository
Pond-dwelling virus writers have crafted a malware attack that poses as camera phone footage of the shootings at Virginia Tech University that claimed 32 lives on Monday.
Spam email messages carry a photograph of gunman Cho Seung-hui and claim to link to a Brazilian movie website carrying footage of the campus shootings.
Surfers who click on the link will find only a malicious screensaver file (TERROR_EM_VIRGINIA.SCR) that attempts to install a banking spyware Trojan horse on the Windows PCs of prospective marks, anti-virus firm Sophos reports. The Packer Trojan horse attempts to steal online banking credentials. This login information offers cybercrooks the chance to subsequently clean out online banking accounts.
Separately, there's been a flurry of domains related to the Virginia Tech tragedy registered this week. Some of these might be on behalf of well-intentioned organisations but others are likely to be opportunists. The SANS Institute's Internet Storm Centre, which documents the domain rush here, warns users of the potential of a rash of spam and phishing coming from "leeches" who are seeking to take advantage of this week's massacre.
No human tragedy these days is complete without accompanying malware and scams from hackers who have no qualms about making money out of other people's misery. Past malware and spam campaigns have taken advantage of headline breaking news stories such as Hurricane Katrina, the Indian Ocean tsunami, the Concorde aircrash, and terror bombings in London. ®
Have you guys actually tried to use a Windows machine in a non-admin context?
As a seasoned Unix admin, I've tried many times to use the same working methods on my 'doze machine as I do with my 'nix boxes, but every time I run into the brick wall known as the registry. A lot of applications either break or malfunction in strange ways if registry write access is denied (which seems to be the case even with 'Power Users' membership).
This is because Windows software authors tend to write their applications to store user preferences and settings in the registry - requiring write (therefore privileged) access to the system central repository, where a Unix software author would write the same data to a user-specific config file, requiring nothing more than the users own profile permissions...
I've gone one step further
Forget removing admin access. I don't even let myself USE my computer.
I'm actually not entirely sure how this got posted, to be honest.
How to prevent people flocking ghoulishly to malware
Don't give them Admin access on computers they don't own.
If you own the computer, take Admin access away from yourself. Yes, you read that right.
By this point, if you give yourself Admin back to install something like this, then you deserve the resulting ridicule and you can't blame Microsoft.