If there's any indication your machine has been compromised or unauthorized/malicious software has been able to run on your system, your only recourse to be absolutely sure is to reflash your bios, wipe your drive, and reinstall.
Anything less than that, and you can't really be sure you're in a trustable, safe state.
Of course you're right, but I'd say flashing the BIOS is a bit unnecessary in most cases, as viruses aren't really allowed to access the BIOS so easily in modern operating systems, especially considering flashing your BIOS is a gamble (most people don't have extra CMOS chips lying around).
It is very easy to flash a modern BIOS with a virus. Most motherboards have a Windows-based tool to flash the BIOS without rebooting. While this is convenient, it also makes it easy to infect the BIOS. If it can be done for a "good BIOS", it can be done for a malicious one.
http://www.tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html
Still, it all depends on how paranoid you are. An alternative: some (but not all) motherboards offer an option to make a backup of the BIOS. Some do this from the same Windows utility used to flash a BIOS, some from an option in the BIOS to write to a thumb drive. If you can get a copy of the BIOS currently loaded, you can take a hash of it and compare it to the official BIOS. If they match, then there's no need to flash. If they don't match, then I would definitely flash.
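One way to do the comparison that post describes, as an added example that is not from the thread: hash the dumped image and the vendor image, and when they differ, report where and how much, since a few changed bytes in a settings region reads very differently from a wholesale replacement of code. Both images here are constructed sample bytes, not real firmware.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class Comparison:
    size_matches: bool
    hash_matches: bool
    dump_sha256: str
    reference_sha256: str
    first_diff_offset: Optional[int]   # None when the images are identical
    differing_bytes: int


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def matches_published_digest(dump: bytes, published_sha256_hex: str) -> bool:
    """Check a dump against a digest the vendor publishes (constant-time compare)."""
    return hmac.compare_digest(sha256_hex(dump), published_sha256_hex.lower())


def compare_images(dump: bytes, reference: bytes) -> Comparison:
    """Hash both images; on mismatch, locate and count the differing bytes."""
    dump_hash, ref_hash = sha256_hex(dump), sha256_hex(reference)
    first_diff, differing = None, 0
    for offset, (a, b) in enumerate(zip(dump, reference)):
        if a != b:
            differing += 1
            if first_diff is None:
                first_diff = offset
    # Any bytes beyond the shorter image are differences as well.
    tail = abs(len(dump) - len(reference))
    if tail and first_diff is None:
        first_diff = min(len(dump), len(reference))
    differing += tail
    return Comparison(len(dump) == len(reference),
                      hmac.compare_digest(dump_hash, ref_hash),
                      dump_hash, ref_hash, first_diff, differing)


# Constructed sample data: a 4 KiB "vendor image" and a copy with four bytes
# changed at offset 0x200, standing in for a modified firmware region.
REFERENCE_IMAGE = bytes(range(256)) * 16
_tampered = bytearray(REFERENCE_IMAGE)
_tampered[0x200:0x204] = b"\xff\xff\xff\xff"
TAMPERED_IMAGE = bytes(_tampered)

if __name__ == "__main__":
    result = compare_images(TAMPERED_IMAGE, REFERENCE_IMAGE)
    print(f"hash match: {result.hash_matches}, first difference at "
          f"{result.first_diff_offset:#x}, {result.differing_bytes} byte(s) differ")
```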
The reason that Microsoft Windows has more viruses than any other operating system isn't so much about its vulnerabilities as it is about its success. People will argue which is more of a contributing factor, but there's no denying that the fact that Windows runs on a gazillion machines is a huge factor.
By writing a single virus that targets Microsoft Windows, a virus writer can potentially infect more computers on the planet than by writing it to target any other system. It's no secret that virus and malware writers regularly target the greatest potential audience so as to get the greatest number of infections for their malicious intent.
Now, while Windows is relatively standard across PCs, BIOS's are not.
The BIOS used in a PC built by one manufacturer may be radically different from that from another company. A virus that attempts to target a BIOS vulnerability or to somehow "hide" within a BIOS has to, essentially, be rewritten for, or at least be customized for and aware of, every different BIOS that it might want to target.
It's easier to simply rely on user apathy and target unpatched vulnerabilities in Windows. One virus per vulnerability, and all unpatched machines become malware's playground.
That's potentially a lot. A gazillion, even.
So just like Mac or Linux malware, there may be a few BIOS-targeting viruses out there, but they're not even close to being as common as the more standard Windows-based malware.
Now, that's not to say that there's zero risk.
As you point out, a virus that manages to embed itself into the BIOS or BIOS's flash memory has one extremely unique characteristic: it'll survive even if you completely reformat and erase everything on your hard disk.
However, even that is easily remedied, either by resetting your BIOS to its factory image - which most modern motherboards support - or often simply by updating or re-flashing your BIOS.
My take: it's not something I'd worry about at all just yet. In a rare case where malware appears to have survived a reformatting ... well, I'd first look at all the other ways that a machine can get immediately reinfected as you rebuild it from scratch (lack of firewall, infected external hard drives and the like). Only after eliminating those might I think about checking or resetting the BIOS.
It's just not that common a problem right now.