KrebsOnSecurity reports that the network credentials of Fazio Mechanical were stolen with by a password-stealing malware called Citadel

KrebsOnSecurity reports that the network credentials of Fazio Mechanical were stolen by a password-stealing malware called Citadel. This is what I feared. Recently I spent a lot of time working through some problems updating McAfee ASAP because I was pretty sure it had better malware protection than Microsoft Security Essentials.

The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation.

Since Citadel is not a new threat I assume it must be a modified version that was not detected by the virus/malware checking software. I wonder if the current versions of the top virus checking software catch it now. My desktop version of Outlook is twice protected via McAfee’s SaaS. My private email is protected by Yahoo (Symantec). Hmm… I wonder what Fazio was using?

Security Essentials to the rescue

In all of my years of being a system administrator I have never seen a machine as infected as I saw today at my sister-in-law’s house. When we turned on the machine, the first sign of problems was that it did not go to the normal home page. When I tried to do a search the links on the results page did not work. Naturally my sister-in-law did not know what happened. Since the McAfee software had expired and my sister-in-law was fussing about the cost of virus checking software, I downloaded a current version of Microsoft Essentials. I had to reboot the machine into safe mode with networking support before I could download the current virus and spyware definitions. Microsoft Essentials found a multitude of Trojans and worms. I cleaned the computer and rebooted several times. Finally I decided to perform a full scan before clicking on the “Clean” button. The full scan took a long time but the computer is now working as expected.
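The cleanup sequence above (boot to Safe Mode with Networking, fetch current definitions, then run a full rather than a quick scan) can be scripted so it is repeatable on the next badly infected family machine. The following is an added example, not code from the original post, and it drives Security Essentials through its bundled MpCmdRun.exe command-line tool. The install paths, the bcdedit safe-boot switches and the interpretation of exit code 2 as "threats found" are assumptions drawn from the tool's own documentation rather than from the post.

```powershell
# Added example (not from the original post): automate the steps the post
# describes -- optionally set up Safe Mode with Networking, update definitions,
# then run a full scan -- using MpCmdRun.exe, the command-line front end that
# ships with Microsoft Security Essentials (and with Windows Defender on newer
# Windows). Run from an elevated PowerShell prompt.
# Assumptions: install paths below, bcdedit safeboot handling, exit code 2 = threats found.

param(
    # Configure the next boot as Safe Mode with Networking, then stop.
    # The post needed this before definitions could be downloaded at all.
    [switch]$PrepareSafeModeBoot,
    # Remove the safe-boot flag after cleanup so the machine boots normally again.
    [switch]$ClearSafeModeBoot
)

$ErrorActionPreference = 'Stop'

if ($PrepareSafeModeBoot) {
    # Mark the current boot entry to start in Safe Mode with Networking.
    # Braces are quoted because PowerShell would otherwise parse {current} as a script block.
    & bcdedit.exe /set '{current}' safeboot network
    Write-Host 'Safe Mode with Networking set for next boot. Reboot, then rerun this script without -PrepareSafeModeBoot.'
    return
}

# Candidate locations (assumed): Security Essentials on Windows 7-era machines,
# built-in Defender on Windows 8 and later. Use whichever exists.
$candidates = @(
    "$env:ProgramFiles\Microsoft Security Client\MpCmdRun.exe",
    "$env:ProgramFiles\Windows Defender\MpCmdRun.exe"
)
$mpCmdRun = $candidates | Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $mpCmdRun) {
    throw 'MpCmdRun.exe not found; install Microsoft Security Essentials (or use Windows Defender) first.'
}

# Step 1: pull current virus and spyware definitions. This is the step that
# failed in the post until the machine was in Safe Mode with Networking.
& $mpCmdRun -SignatureUpdate
if ($LASTEXITCODE -ne 0) {
    throw "Definition update failed (exit code $LASTEXITCODE); check network access and try Safe Mode with Networking."
}

# Step 2: full scan. ScanType 1 is the quick scan the UI runs by default;
# ScanType 2 is the full scan that finally cleared everything in the post.
& $mpCmdRun -Scan -ScanType 2
$scanExit = $LASTEXITCODE

switch ($scanExit) {
    0 { Write-Host 'Full scan finished: no threats detected.' }
    2 { Write-Warning 'Full scan finished: threats were detected. Review and clean them in the Security Essentials UI, reboot, and rerun this scan until it reports clean.' }
    default { Write-Warning "Full scan returned exit code $scanExit; inspect the Security Essentials history for details." }
}

if ($ClearSafeModeBoot) {
    # Put the boot entry back to a normal start now that cleanup is done.
    & bcdedit.exe /deletevalue '{current}' safeboot
    Write-Host 'Safe-boot flag removed; next reboot will be a normal start.'
}
```

Typical use mirrors the post: run once with -PrepareSafeModeBoot, reboot into Safe Mode with Networking, run it again with no switches and repeat until the scan exits clean, then run it a final time with -ClearSafeModeBoot. The reason for looping on a full scan rather than trusting the first quick scan is the same one the post arrived at: a quick scan only looks at the common start-up locations, and a machine carrying "a multitude of Trojans and worms" typically has components outside them.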