Members
  • Total Members: 12818
  • Latest: martin
Stats
  • Total Posts: 28534
  • Total Topics: 8240
  • Online Today: 1027
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Korean DDOS Virus (Win-Trojan/Agent.67072.DL / clean, delete, fix, remove...)  (Read 5455 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


They say what goes around comes around and on Friday owners of bot-infested PCs in South Korea will discover that's true.

The owners of tens of thousands of bot-infested PCs in the county -- who've resisted calls all week to update or install anti-virus software -- will likely switch on their PCs on Friday to find their data gone, said computer security specialist AhnLab.

From midnight local time (3 p.m. GMT Thursday) the virus, which has been attacking prominent U.S. and South Korean government and commercial Web sites all week, has been programmed to encrypt user data or reformat the hard drive of the PC.

There are still ways to save an infected PC, although if the owners have ignored security requests so far they might be unlikely to follow AhnLab's recommendations: http://global.ahnlab.com/

These involve starting Windows in safe-mode by using the boot menu accessed through the F8 key at start-up, setting the clock to before July 10 and then rebooting the PC normally and updating anti-virus software or performing a free scan to erase the virus.

The attacks have been headline news all week in South Korea, where casualties have included the top-ranked news Web site, one of the leading online auction sites, electronic banking portals of several major banks and the home pages of the Ministry of National Defense, the president's Web site, the National Assembly and the U.S. Forces Korea.

Computer security companies have been urging people to update their ant-virus software or download an application to perform a free scan but many have, apparently, ignored those requests.

A third wave of attacks on Thursday night overloaded some of South Korea's most popular Web sites and showed that the bot-infested PC army was still alive and kicking.

But Thursday night's attacks might be the last. This shift from attack to destroy may indicate the end of this particular round of attacks, which started on July 4 against U.S. sites and hit South Korean sites for three days in a row this week.

Little is known about the person or persons controlling the virus although computer security experts say the attack itself is not particularly sophisticated. That leaves the possible range of culprits wide, from individuals with a relatively low level of hacking skills to organized groups or governments who might have employed a low-tech approach to confuse experts.

Download Removal Tool: http://global.ahnlab.com/global/file_removeal_down.jsp?filename=12471142513991&down_filename=v3filecleanex.zip

or Post your Request for Help at SCF "PC Help Center": http://scforum.info/index.php/board,16.0.html

(THE IDG)

Samker's Computer Forum - SCforum.info





Gizew

  • SCF Member
  • **
  • Posts: 13
  • KARMA: 0
4 or 5 or even more days backward from June 10/2009.. Good tech

HISNA

  • SCF Member
  • **
  • Posts: 23
  • KARMA: 2
Did this really happen? If so serves them right! lol

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Did this really happen? If so serves them right! lol

Except Google Chrome OS: http://scforum.info/index.php/topic,2984.0.html this is main IT News from this week.


Maybe this is answer who manage this attacks:

Quote
Little is known about the person or persons controlling the virus although computer security experts say the attack itself is not particularly sophisticated. That leaves the possible range of culprits wide, from individuals with a relatively low level of hacking skills to organized groups or governments who might have employed a low-tech approach to confuse experts.

1. North Korea ?
2. Rusia ?
3. China ?
4. ???


 ;)



F3RL

  • SCF Advanced Member
  • ***
  • Posts: 171
  • KARMA: 18
  • Gender: Male
Samker, as you may know I'm from Korea, South, I want to add that United States says the traced IP is coming from 'North Korea' WHILE South Korea says the traced IP comes from United States.

//Timeline of the DDoS virus
7th July - First DDoS attack - launching DoS on various websites
8th July - Mutated DDoS virus - send spam emails to deny the service
9th July - another mutated DDoS virus - delete data off the HDD
10th July - mutated DDoS virus same as 9th July

Korea deserves it. Even they knnew 3 days before the first attack they did NOT do anything but watching and saying 'Nothing's gonna happen, BIG'. Oh my god, what a stupid country..
well? understand ma bad English.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum

Korea deserves it. Even they knnew 3 days before the first attack they did NOT do anything but watching and saying 'Nothing's gonna happen, BIG'. Oh my god, what a stupid country..

I agree with you my friend, they're blind...  :thumbsdown:

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising