Sponsors, contributors, programmers and researchers: "Fraud Arrestors International Private Detectives LLC". READ THIS: Reading time 2 MIN: http://rss.groups.yahoo.com/group/antinrusion/rss
Of course, the chances of an uber hacker coming after you are very remote. The threat we all face is the new attack bots and the combining of rootkits, worms and trojans. Metasploit is already out there: point, click and you've got root. Combine these with "attack bots" and we are under a new siege that firewalls, anti-virus and sweepers can't even see. There are ways to make intrusion very difficult, and methods to spot them even if your security software has been corrupted and is lying to you about what is and isn't on your PC.
Where do they hide their files on your computer? They can park sections of your hard drive, mark sectors as bad and hide files there; use DLL injection; fake out the Windows Event Viewer so that forensics is impossible; and even hide device drivers (NEW!), all without any hooking. Other options are a driver that identifies writable memory chips / FlashRAM / EEPROM on the motherboard and hides files there, a driver that stores data in 'bad blocks' or unallocated clusters on an IDE drive/NTFS partition, or a driver that stores executable code in FLASH or EEPROM and submits this code to be executed from the video processor in order to patch kernel memory. Anti-virus and sweepers don't even look in these places.
How could your PC get infected with a rootkit? If you have ever used Yahoo or AOL IM, used AOL or Yahoo email, downloaded a Word DOC or PDF, surfed public sites like eBay or major search engines, or used Internet Explorer on a Microsoft operating system from Win 95 to XP, then you could have been taken over. It's a tough challenge when more than 70 software vulnerabilities are discovered each week, and all a hacker needs to do to gain access is find one misconfigured server, an unpatched operating system, or a poorly designed application.
Even with a full suite of security technology such as antivirus software, firewalls, patch-management applications, and network and software vulnerability scanners, it can be hard for security professionals to find all of the potential holes in their systems.
WE CAN PROTECT YOUR COMPUTER, and WE CAN FIND rootkits IF THEY ARE THERE. There is a basic flaw, a weakness, in them: we can spot every takeover, any file, hidden ANYWHERE...
The Russian Mafia Hangup group is working on this and testing their attack bots, and they have an open-secret black market for your credit card info.
My servers are protected quite well. But my personal PC became infected while I was running a top-of-the-line firewall, anti-virus and even one of the best sweepers. My PC gets 10,000 to 20,000 attacks per month.
Where do attacks come from, by geographic location? Look at the attack logs for MY computer HERE
What are they trying to upload onto my computer in secret, top 10? HERE
How did this happen? During my removal process I ran the forensics I usually use on my servers. This wasn't some UberHacker who targeted me specially, but a new growing threat on the Internet: a combination automated trojan and rootkit. It had taken control of my PC without me even knowing about it, even while I was using state-of-the-art PC security at its highest settings. And none of my security programs could even SEE IT. The rootkit made my task manager and security programs lie to me about the programs and processes running on my system.
The Russian Mafia gang "Hangup group" is one of the leading forces behind this, with help from the Romanian hackers. They recently were able to put a script on the largest auction site and 100 of the top sites that made these top sites (which surfers visit by the millions a day) pull up an invisible frame that downloaded a keylogger onto your computer. This went right past the three security programs I listed above.
It copies your passwords and credit card numbers and sends them in the background, invisibly, by secret emails or IRC to the hackers. They then sell them on IRC channels to enable identity theft, to get extra credit cards in your name, or to hijack eBay accounts and sell nonexistent goods under your name. Many times, the first time you are aware of it is when your credit rating crashes or a skip tracer contacts you about these bills.
Home PCs now need the same protection as the big servers on the Internet: the latest in intrusion detection and prevention. We don't get that with firewalls, anti-virus programs and sweepers. You are only protecting 3 of the 4 walls of your PC home. I have learned the hard way how to be secure. YOU need other protections and capabilities. It's a new form of thinking, education and security, and we provide this.
We can't make you an expert hacker, but we CAN educate you on how they work and how to secure your PC. We can make you aware of these new risks, tell you how they work, what to look for and how to find them, even when your security programs are lying to you. We have a password-protected site with the files and programs you need for full protection, and simple, short, easy-to-understand tutorials. Even a "New Threats" newsletter to keep you updated, not on every new worm but on new THREATS. Internet fraud investigations! HERE
And because the security threat is ever evolving, we also provide an "ALERT" newsletter to keep you updated on risks and new holes and threats: not on every new virus that comes along, but on NEW threats, holes and exploits.
We have already tested these programs on our own computers to avoid the compatibility problems so common when you add a new security program: no conflicts, no problems. And we have tested them to make sure they work as described.
Our system has four elements:
#1) Education about what your current security programs don't DO, and how hackers get around them.
#2) Top-of-the-line programs that will protect you, and tested. Targeted to stop & spot exploits (14 this month 4.04) and rootkits. And FREE programs; we tell you what to look for and what it means.
#3) Forensics-type programs to double-check for intrusion attempts.
#4) Updates on NEW threats and how to avoid them.
THE TRICK IS KNOWING WHAT PROGRAMS TO USE THAT WILL FIND THE INTRUSIONS, AND HOW TO READ THE RESULTS.
Support through chat rooms, forums, and email.
Purchase our services: HERE
BulletProof your computer:
How do you get infected? Visit eBay or one of the major search engines, or one of 100 other well-known public sites. See here: It's no longer the crazy kid hacker after you but organized crime groups like the Hangup group after your passwords and bank accounts.
So how could you get infected? Ever download music files? Open an email (you don't even have to click on anything, just open the email)? Try our TEST: it installs a harmless test program on your computer (note: it never asks for permission to install on your hard drive); see if the file goes RIGHT THROUGH YOUR FIREWALL! (This is a file that your AV WILL catch; the point is it was installed on your hard drive by just visiting a site. Your ANTI-VIRUS security WILL stop this ONE: IT'S WRITTEN SO IT WILL BE IDENTIFIED and deleted.) Visit a web site with a trojan uploader in one of the graphics, use weak passwords, or download a program: any of these can get you infected.
Test your system: HERE
Don't work; even the Department of Defense's advanced firewalls have holes, see here
The POINT IS this program made it to your hard drive. If it had been an unknown rootkit, the hacker would have access to your computer and everything you do.
We can test your system like you've NEVER been TESTED before:
Independent external scan of ports.
Doesn't stop them!
Some of the things OUR scan checks:
ICMP Ping. Ping is a network troubleshooting utility. It asks your
computer to acknowledge its existence. If your computer responds
positively to a ping, hackers are more likely to target your computer.
21 FTP (File Transfer Protocol). FTP is used to transfer files between
your computer and other computers. Port 21 should be open only if
you're running an FTP server.
22 SSH. TCP connections to this port might indicate a search for SSH,
which has a few exploitable features. SSH is a secure replacement for
Telnet. The most common uses of SSH are to securely login and copy
files from a server.
23 Telnet. Telnet can be used to log into your computer from a terminal
anywhere in the world. This port should be open only if you're running
a Telnet server.
25 SMTP (Simple Mail Transfer Protocol). A protocol for host-to-host
mail transport. This port should be open only if you're running a mail
server.
79 Finger. Finger is an Internet utility that allows someone to obtain
information about you, including your full name, logon status, and
other profile information.
80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web
pages over the Internet. Port 80 should be open only if you're running
a Web server.
110 POP3 (Post Office Protocol). Internet mail servers and mail filter
applications use this port. This port should be open only if you're
running a mail server.
113 Ident / Authentication. This service is required by some mail,
news, or relay chat servers to allow access. A stealth result on this
port could cause performance problems.
119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and
between other servers.
135 Location service (loc-srv). This port is used to direct RPC (Remote
Procedure Calls) services to the appropriate dynamically mapped ports.
Hackers can use this to determine which port is used by several Windows
services. This port should not be visible from the Internet.
139 NetBIOS. NetBIOS is used for Windows File & Print sharing. If port
139 is open, your computer is open to sharing files over the Internet.
Other components of NetBIOS can expose your computer name, workgroup,
user name, and other information. To learn more about preventing
connections to your NetBIOS ports, see: NetBIOS Information and
Configuration Instructions
143 IMAP (Internet Message Access Protocol). IMAP is a sophisticated
protocol for electronic mail delivery. This port should be open only
if you're running an IMAP server.
443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.
445 Windows NT / 2000 SMB. A standard used to exchange Server Message
Blocks, and can be exploited in multiple ways, including gaining your
passwords.
1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among
several computers. Generally this protocol only allows access out to
the Internet. However, it is frequently configured incorrectly to
allow hackers to pass traffic inwards through the firewall.
1723 PPTP (Point-to-Point Tunneling Protocol). This service is used for
virtual private networking connections.
5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.
5631 pcAnywhere. This port is used by Symantec pcAnywhere when in host
mode.
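A local counterpart to the external scan described above, as an added example that is not part of the original page: it reads `netstat -an` output and reports which ports from this list have a TCP listener and on which interface. The function names and the sample output are constructed for illustration.

```python
import re

# Ports and services taken from the list above.
PAGE_PORTS = {
    21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 79: "Finger",
    80: "HTTP", 110: "POP3", 113: "Ident", 119: "NNTP", 135: "RPC loc-srv",
    139: "NetBIOS", 143: "IMAP", 443: "HTTPS", 445: "SMB", 1080: "SOCKS",
    1723: "PPTP", 5000: "UPnP", 5631: "pcAnywhere",
}

# Matches 0.0.0.0:135, [::]:445 (Windows IPv6) and :::80 (Linux IPv6).
_ADDR = re.compile(r"^\[?(?P<host>.*?)\]?:(?P<port>\d+)$")


def listening_sockets(netstat_text):
    """Return (host, port) for every TCP socket in a listening state."""
    sockets = []
    for line in netstat_text.splitlines():
        tokens = line.split()
        if not tokens or not tokens[0].lower().startswith("tcp"):
            continue  # header lines, UDP, blank lines
        if tokens[-1].upper() not in ("LISTEN", "LISTENING"):
            continue  # established or closing connections are not listeners
        # The first address-looking token is the local address on both
        # Windows (Proto Local Foreign State) and Linux (Proto Recv-Q ...).
        local = next((m for m in map(_ADDR.match, tokens[1:]) if m), None)
        if local:
            sockets.append((local["host"], int(local["port"])))
    return sockets


def exposure(host):
    """Describe how widely a listener bound to `host` can be reached."""
    if host in ("0.0.0.0", "::", "*"):
        return "all interfaces"
    if host.startswith("127.") or host == "::1":
        return "loopback only"
    return "interface " + host


def audit(netstat_text):
    """Sorted, de-duplicated findings for ports named in the page's list."""
    findings = {
        (port, "tcp", PAGE_PORTS[port], exposure(host))
        for host, port in listening_sockets(netstat_text)
        if port in PAGE_PORTS
    }
    return sorted(findings)


# Constructed sample in Windows `netstat -an` layout.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1080         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:1900           *:*
"""

if __name__ == "__main__":
    for port, proto, service, where in audit(SAMPLE):
        print(f"{port}/{proto:<4} {service:<12} listening on {where}")
```

A listener bound to loopback only is not reachable from the network, which is why the binding address is reported next to each port.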
And a Windows Vulnerability Check
Over 123 patches from Microsoft and still not secure!
See what you're up against! HERE
Independent External scan for
known viruses and Trojan horses Inside your PC
Independent Internal scan for trojans and malware
What Is A Trojan Horse?
Trojan horses are malicious programs disguised as something benign.
They've been known to pose as games, utilities, and email attachments.
Trojan horses act much differently than you expect. Some merely annoy,
sending emails to everyone in your address book. Others do serious
damage, to the point of stealing passwords, credit card #'s, and data files.
Unlike viruses, Trojan horses are not self-replicating so far.
Can't even see a rootkit!
Independent worm, UNKNOWN AND known scan:
What Is A Worm?
A worm is a self-replicating virus that does not alter files but
resides in active memory and duplicates itself. Worms use parts of an
operating system that are automatic and usually invisible to the user.
It is common for worms to be noticed only when their uncontrolled
replication consumes system resources, slowing or halting other tasks.
Independent internal scan for rootkits:
UNKNOWN invisible rootkits and trojans.
Designed to spot and KILL them.
A rootkit is a hacker tool that captures passwords and message traffic to and
from a computer: a collection of tools that allows a hacker to provide a
backdoor into a computer, collect information on other systems on the
network, mask the fact that the system is compromised by hiding files,
and log your keystrokes, passing the info on to the hacker through hidden IRC
or email.
Scan for hidden files and hidden running processes.
UNKNOWN viruses and Trojan horses
Scan for unauthorized host files.
For UNKNOWN presents.
Immunize your PC (we block over 3,000+ sites known to upload TROJANS).
Set up a WORM wall
Verify all file signatures, as authentic.
CRC check on listed files.
"Download" and "Unzip" protection (how many programs were unzipped or downloaded at the same time and where they went).
Identifying suspect processes and DLLs, then reading them (hijackers,
hackers and trojans use DLLs to store info to later send to themselves).
Links for removing infections, worms, trojans, keyloggers, dialers,
rootkits and hackers, if you find any.
Are you an expert in viruses, Trojans, hacking? Then you already KNOW that using just an anti-virus and firewall isn't enough. (A hacker/cracker can walk around any firewall, and a spyware scanner can't see a hacker or some trojan files, see below.) HERE
I view a hacker as
someone who writes his own code for the rootkits, kernel
adjustments/re-writes. This is really scary.
If they get into a server there is NO real cure... Why YOUR firewall sucks: HERE
Or test your firewall again; download this to test for inbound and outbound
protection. HERE
What do the new automated combination rootkit trojans do, and HOW?
These use backdoors made by other trojans or worms, or they can make their own.
The Trojan runs continuously in the background, providing backdoor access to the computer. The Trojan attempts to terminate and disable various anti-virus and security-related programs and modifies the HOSTS file. It is invisible to anti-virus programs & sweepers because it has modified them. And the rootkit takes over your operating system.
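One way to run the hosts-file check listed earlier ("Scan for unauthorized host files") against the HOSTS tampering described here, as an added example rather than the page's own tooling. It assumes the tampering points security-vendor hosts at loopback or at another address; the hostnames, the `must_reach` watch list and the sample file are constructed placeholders.

```python
import ipaddress

LOCAL_NAMES = {"localhost", "localhost.localdomain",
               "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Return (line number, ip, [names]) for each mapping line."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not a mapping line
        entries.append((lineno, ip,
                        [f.lower().rstrip(".") for f in fields[1:]]))
    return entries


def audit_hosts(text, must_reach):
    """Flag entries that override DNS in a way worth a second look.

    must_reach: domains you expect to resolve normally, such as your
    anti-virus vendor's update servers (placeholder names here).
    """
    findings = []
    for lineno, ip, names in parse_hosts(text):
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:
            if name in LOCAL_NAMES and sinkhole:
                continue  # normal localhost entry
            watched = any(name == d or name.endswith("." + d)
                          for d in must_reach)
            if watched:
                # A host you rely on has been cut off or pointed elsewhere.
                kind = "blocked" if sinkhole else "redirected"
                findings.append((lineno, name, str(ip), kind))
            elif not sinkhole:
                # Any other name pinned to a routable address.
                findings.append((lineno, name, str(ip), "static-override"))
            # Unwatched names sent to loopback are typical blocklist
            # ("immunize") entries and are not reported.
    return findings


# Constructed sample hosts file.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
# entry added by a blocklist tool
0.0.0.0         ads.tracker.example
127.0.0.1       update.av-vendor.example   # signature updates now fail
203.0.113.50    www.bank.example
198.51.100.9    liveupdate.av-vendor.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, {"av-vendor.example"}):
        print(finding)
```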
The rootkit is the man-in-the-middle, standing between the operating
system on your computer and the programs that rely on it, deciding what
those programs can see and do, what you can see and do, and what Windows
Task Manager can see and do.
It uses that intercept position to hide itself. If an application tries
to list the contents of a directory containing one of the root kit's
files, the hacker program will censor the filename from the list, it
just doesn't show up. It'll do the same thing with the system registry
and the process list. It will also hide anything else the hacker
controlling it wants hidden -- mp3s, password lists, a DivX movie. As
long as it fits on the hard drive, the hidden cargo doesn't have to be
small or unobtrusive to be completely cloaked. A Paradign Intelligence
track/investigation will reveal it.
It can even hide itself in "free space".
These attacks amount to almost a second operating system that you
can't control, or even see.
You don't know it's there; it makes itself invisible to all programs on
your system, and can record and send out your every keystroke and page
view as well as all passwords and credit card #'s.
There are precautions you can take.
There are programs that can make it difficult, there are ways to avoid
it.
Some of the things running LOOSE on the net: virus contains lots of remote access functionality, Some of the things HACKERS DO! including:
NO one program can protect you from these automated hacker attacks: BOT ATTACKS, virus emails, web page Trojans, server worms and malware cookies.
We do a complete sweep of your system (from an external source) for Trojans, viruses, worms, malware cookies, dialers, spy bots, keyloggers, hijackers, and tracks. Our systems and programs continue to kill them all, and protect your computer & privacy. But we look for and track things the three main security programs used by 90% of surfers don't even SEE.
Then, to be sure, we give you programs to independently check once in a while what is running in the background and SEE that nothing gets through. We set you up to do this.
We provide automatic logging of attacks and automatic, anonymous reporting of the attack data to the perps' ISPs.
Ebay & Paypal security against fake web sites. Phishing protection.
We use a defense system in depth. We give you the programs: worm wall, anti-virus, anti-hacker, firewall, trojan sweepers, keylogger killers, programs with overlapping coverage. By using multiple programs we provide combined threat protection, and the ability for you to independently check exactly what is running on your computer even IF it's in secret in the background.
Is there much risk on the Internet REALLY?
"If an attacker can convince your computer to execute commands in the local zone, they could extract anything -- credit card numbers, personal information, your browsing habits. Anything of value," says Bakos. "You're essentially giving them a seat at your keyboard." There are criminals in Spain, Romania and Russia making $100,000 per month from this: the "Russian Natiz Hangup gang".
Where do attacks come from, by geographic location? Look at the attack logs for MY computer HERE
What are they trying to upload onto my computer in secret, top 10? HERE
PCs Monitored, E-mail Bugged
April 20, 2004
By Robyn Greenspan
The average computer houses roughly 28 items of monitoring software, unbeknownst to the user, according to Internet service provider Earthlink and Webroot Software. The study was released just in time for the FTC's Spyware Workshop on April 19 in Washington, DC.
The findings come from a collaborative SpyAudit report that analyzed scans of PCs during the first quarter of 2004, revealing more than 29.5 million instances of spyware. While the majority of infiltrations are benign forms of adware, there are roughly 185,000 cases each of system monitors and Trojan horses.
| Total Number of SpyAudit Scans: | 1,062,756 |
| Total Instances of Spyware Found: | 29,540,618 |
| Instances of Spyware per Scanned PC: | 27.8 |
| Adware Installations on Scanned PCs: | 5,344,355 |
| Adware Cookie Installations on Scanned PCs: | 23,826,785 |
| System Monitor Installations on Scanned PCs: | 184,559 |
| Trojan Installations on Scanned PCs: | 184,919 |
| Source: Earthlink and Webroot Software | |
What do I do? I send you an email to our Yahoo Group, where many of the files are stored. You just upload and install the security programs onto your computer, and we walk you through the automatic features of the combined security programs. Some of these are programs you know and have heard of, and we have tested them so they work together... not fight each other. We keep you current with all security updates and threat countermeasures. Defense system in depth: anti-rootkit, worm wall, anti-virus, anti-hacker firewall, trojan sweepers, keylogger killers, programs with overlapping coverage. By using multiple programs we provide combined threat protection, and the ability for you to independently check exactly what is running on your computer, even in secret in the background.
Bullet Proof YOUR PC NOW: $100 (special this month ONLY: buy the $30 scan below and get the $100 package, WITH all PROGRAMS FREE). Includes all SUPPORT and a full free sweep. Blocks, protects and immunizes your PC system. Stops rootkits and blocks download of files known as malicious (spyware installers, for example). We also restrict access to 2000 websites known to load trojans. We have done the research; we know how to stop them, how to BEAT them. We track all new security services and test them; you get reports.
Full in-depth security sweep AND SECURITY PROTECTION PROGRAMS: $30 for SECURITY PROGRAMS TO PROTECT against and ID automated rootkits, web page Trojans, virii, worms, malware, dialers, spy bots, keyloggers, hijackers, rootkits and tracks.
24-hour guarantee: check it out for 24 hrs. If you don't like it for any REASON, we will refund your money (minus PayPal's $2 fees).
The financial damage caused by online identity theft is not only mounting, it's exploding at a growth rate of about 300 percent a year, according to a 2003 study by the Aberdeen Group, a Boston-based industry analyst firm.
Financial loss from identity theft is expected to reach $73.8 billion in the United States by the end of this year -- $221.2 billion worldwide, reports Aberdeen analysts. The current trajectory -- based on a 300 percent compound annual growth rate -- has the figures reaching $2 trillion by the end of 2005.
The spyware issue has been getting attention both on the federal and state levels, where legislators are considering legislation that would restrict the invasive practices. But some Internet companies believe the statutes are too restrictive. Adware company WhenU filed suit against Utah, claiming that the state's anti-spyware statute is unconstitutional.
Internet users are also under siege from "Web beacons". Traditionally used by legitimate Web marketers, these e-mail tags are now being heavily adopted by spammers. According to e-mail defense solutions company MX Logic, Inc., nearly half of unwanted messages contain these beacons, which spammers use to validate e-mail addresses and detect activity.
MX Logic analyzed e-mail messages that were
identified as spam by its filters and by customer quarantines from the
prior 12 month period, resulting in a sample size of nearly one billion
e-mails. Through this process, the company determined which bugged
messages were considered spam.
The Internet is as lawless as the US West was in the late 1700's.
For the individual user there are no sheriffs. You MUST defend yourself. The
Russian Mafia is currently the biggest player; the "Natzi Hang up Gang"
is running most of the phishing and ID theft. Operating in the background
is an underworld of organized crime, dirty tricks, black ops and
terrorism. There is no organized effort to stop Internet crime. You can
file a complaint with IFC, the US gov. Internet Fraud Center, but 33%
of these complaints are mis-filed and around 75% never receive any
action. The FBI or Secret Service only get involved when there is over
$100,000 involved or a large corporation has enough pull to get them to
go after "Warez" sites.
Keynoting a morning session of Gartner's 10th Annual IT Security Summit
here, Sterling said, "This is the birth of a genuine, no kidding,
for-profit, electronic, multi-national criminal world. The global
criminal world of oil, narcotics and guns now has broadband."
And, according to Sterling, they are fully utilizing the technology.
"These are not all old-school hackers. This is organized crime
activity. They are profit driven," he said. "These are crooks. The
crooks that in the future that are going to elbow the hobbyist kids
aside and settle in for a nice, long vampire slurp from our
e-commerce."
Sterling classified most computer crime as "ancient evils" running
rampant in a new electronic world that does not recognize borders. The
Internet, he said, is the public face of globalization, and corruption
is not only thriving online, but winning.
"In 2004, it's about computer activities that used to be regarded as
weird mischief or acts of deviant curiosity slowly sliding into the
darkness," Sterling said, adding that the perpetrators of the crimes
are not particularly technologically adept.
"Al Qaeda is not real cyber savvy. Neither, for that matter, are
spammers, credit card thieves, ID thieves or software pirates," he
said. "They are multi-national bloodsuckers. They have to be cyber
savvy because they are crime savvy." (I suspect they are using some of
the best hacker minds in the world, Romanian hackers.) When Al Qaeda
has hackers they will turn the Internet into another Palestine, complete
with cyber bombings and attacks.
As examples, Sterling said there are very few new types of crime
proliferating on the Internet. Phishing, he said, is just another form
of doing business under false pretenses.
While Sterling makes a valid point, he misses the biggest onslaught: ID
theft. The criminals are stealing credit cards through phishing or fake
escrow sites, where they collect your credit card info and phone #'s.
Then they call the victims, posing as the credit card cos., saying that due
to a computer glitch or security problem they need to confirm the
victim's DOB and Social Security number.
Now the thieves have enough info on the victim to open new credit card
accounts, get mortgages, even buy cars, and ruin the victim's life by
destroying his credit rating.
The solution, Sterling believes, is not more laws or even more law
enforcement personnel. The bottleneck, he said, is prosecutors willing
to go after cyber criminals.
"We have lots of computer cops, and American cops are as savvy about
computers as any social group in the nation," he said. "We have a
ridiculous amount of computer laws."
Sterling again misses the point, as the cops do know how to use the
computer but have no idea how to collect evidence on the Internet and
no jurisdiction in another country, and are helpless.
Sterling called the Can Spam Act passed earlier this year a "bunch of
phoney baloney. People say it can't be enforced because the spammers
will just move overseas. He is right here: since the passage of the spam
act, spam has increased 10 fold.
As for national cyber security, Sterling said the government's recent
National Strategy to Secure Cyberspace has merit, but there is no such
thing as "national cyberspace." International cooperation will be
needed.
The other problem is security concerns are not telling the truth: a
good hacker can walk through your firewall and disable your antivirus
and sweepers. Microsoft has sold products, such as Internet Explorer, with so
many holes in them that security is impossible without extensive security
add-on programs.
All in all, Sterling said, "Today's Internet is a dirty mess".
The solution is a "Cyber cop force" to go after the criminals on the
Internet, world wide, taking down criminal web sites, and servers.
Fake escrow sites for example may be up and running for months or
years, crippling victims economically, and no one taking any action
against them.
The main hacker group is the "Natiz Hangup Russian Mafia Group"!
Developers of the Korgo virus: hybrid malware may use worm techniques for
spreading, a virus to do damage, and then implant a Trojan horse to
turn the system into a zombie or remotely controlled proxy or remailer,
and add a rootkit for its security and ID theft???? Is that going to be
Korgo?
Gerald
Chief Forensics Computer Researcher (tracking & Research)
Internet fraud investigations! HERE