
All times are UTC-05:00





Posted: Tue May 20, 2014 5:58 pm
Administrator
Here’s a list of possible indicators that your computer may be infected with Blackshades or similar remote access tool malware:
◾ Mouse cursor moves erratically with no input from user;
◾ Web camera light (if equipped) unexpectedly turns on when web camera is not in use;
◾ Monitor turns off while in use;
◾ Usernames and passwords for online accounts have been compromised;
◾ Unauthorized logins to bank accounts or unauthorized money transfers;
◾ Text-based chat window appears on your computer’s desktop unexpectedly;
◾ Computer files become encrypted and ransom demand is made to unlock files.

Blackshades malware affects Microsoft Windows-based operating systems. If you believe you or someone you know may have a computer that is infected with this malware, search the computer’s hard drive for the following files that are known to be present on Blackshades-infected computers:
◾ dos_sock.bss
◾ nir_cmd.bss
◾ pws_cdk.bss
◾ pws_chro.bss
◾ pws_ff.bss
◾ pws_mail.bss
◾ pws_mess.bss

To perform the above check, click the Start menu and type each file name in the search field. If the search yields positive matches for one or more of these files, the computer may be infected with Blackshades.

In addition to the above files being added to the computer’s hard drive, Blackshades also makes modifications to the Windows registry. The exact location may vary depending on the version of Microsoft Windows you’re using, but the following registry subkey is added:
◾ Computer\HKEY_CURRENT_USER\Software\VBandVBA Program Settings\SrvID\ID\[string of letters and numbers]

To perform a check for this registry modification, take the following steps:
1. Click the Start menu.
2. Type “regedit” in the search field.
3. Execute the Registry Editor (regedit.exe). If prompted, select “Yes” to allow the program to make changes to the computer.
4. Select “Edit” from the window toolbar.
5. Select “Find” from the Edit menu.
6. Type “SrvID” in the Find field.


Anyone who performs the above checks and gets positive results is encouraged to submit a complaint to the FBI’s Internet Crime Complaint Center. Please include the term “Blackshades” in the incident description section of the complaint.

And for assistance on removing Blackshades, please contact your Internet service provider, your antivirus software company, or another computer security professional.
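
The two manual checks described in the post, combined into one read-only PowerShell script. This is an added example, not part of the original post. It goes slightly beyond the Start menu search by walking every fixed drive, and the function names `Find-IndicatorFiles` and `Find-SrvIdKeys` are hypothetical helpers introduced here.

```powershell
# Added example: automates the file and registry checks from the post.
# Read-only: nothing is deleted or modified, so evidence is preserved.

# The seven file names listed in the post.
$IndicatorFiles = @(
    'dos_sock.bss', 'nir_cmd.bss', 'pws_cdk.bss', 'pws_chro.bss',
    'pws_ff.bss', 'pws_mail.bss', 'pws_mess.bss'
)

function Find-IndicatorFiles {
    param([string[]]$Roots)
    foreach ($root in $Roots) {
        # -Force includes hidden and system files, which the Start menu
        # search can miss; folders that deny access are skipped silently.
        Get-ChildItem -Path $root -Include $IndicatorFiles -Recurse -Force -ErrorAction SilentlyContinue |
            Where-Object { -not $_.PSIsContainer } |
            Select-Object FullName, Length, CreationTime, LastWriteTime
    }
}

function Find-SrvIdKeys {
    # Equivalent of the regedit "Find: SrvID" step, limited to key names
    # under HKCU\Software. Searching by key name instead of a fixed path
    # covers the post's note that the exact location may vary.
    Get-ChildItem -Path 'HKCU:\Software' -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -eq 'SrvID' } |
        ForEach-Object { $_.Name }
}

# Local fixed disks only (skips network shares and removable media).
$roots = [System.IO.DriveInfo]::GetDrives() |
    Where-Object { $_.DriveType -eq 'Fixed' -and $_.IsReady } |
    ForEach-Object { $_.RootDirectory.FullName }

$files = @(Find-IndicatorFiles -Roots $roots)
$keys  = @(Find-SrvIdKeys)

if ($files.Count -eq 0 -and $keys.Count -eq 0) {
    Write-Output 'No listed file names or SrvID registry keys were found.'
} else {
    Write-Output 'Possible indicators found (record these before any cleanup):'
    $files | Format-Table -AutoSize
    $keys  | ForEach-Object { Write-Output "Registry key: $_" }
}
```

HKEY_CURRENT_USER is per-account, so the registry check only covers the user running the script; repeat it under each account that uses the computer. A file's creation time from the output is worth including in any complaint or handoff to a security professional.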


© 2004-2016 Bradford PA Today. News & Information. All rights reserved.
