Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Buzzword dictionary to deal with annoying clients:
AI—regression
Big data—data
Blockchain—database
Algorithm—automated decision-making
Cloud—Internet
Crypto—cryptocurrency
Dark web—Onion service
Data science—statistics done by nonstatisticians
Disruption—competition
Viral—popular
IoT—malware-ready device15 -
Definitely my security teacher. He actually expected us to actively learn the stuff and put effort into our education. He guided us through malware analysis and reverse engineering, simplifying it without insulting us.
We had students who thought they knew everything and he corrected them. We had arrogant students he put in place.
He treated us like adults and expected us to act like adults.
That's the only class I enjoyed studying for, because he would tell us exactly what wasn't on the exams (it was an intro course, didn't need to know the math). There were no trick questions.
I told him about the shitty teacher and he helped me through that confidence block. He helped me realize I *can* make it through the workforce as a female in security because I will work my ass off to be the best I can be. He reminded me why I love computers and why I want to go into forensics.
He's been a great mentor and role model and hiring him is one of the few things my department did right.7 -
Da Fuck!?!
Yesterday I found some abnormal activity on my server, someone was trying to brute force my ssh as root since two days! Started raging and installed fail2ban (which automatically bans an IP if it fails to log X times and eventually sends me an email). Woke up this morning to find that a fucking Chinese guy/malware spent the whole night trying to brute Force me!
Fucking cunt! Don't you have any better to do!!
My key is a 32 characters long encrypted key, with the ban he can try 3 passwords /2 hours, good luck brute forcing it you bitch!
36 -
This rant is a confession I had to make, for all of you out there having a bad time (or year), this story is for you.
Last year, I joined devRant and after a month, I was hired at a local company as an IT god (just joking but not far from what they expected from me), developer, web admin, printer configurator (of course) and all that in my country it's just called "the tech guy", as some of you may know.
I wasn't in immediate need for a full-time job, I had already started to work as a freelancer then and I was doing pretty good. But, you know how it goes, you can always aim for more and that's what I did.
The workspace was the usual, two rooms, one for us employees and one for the bosses (there were two bosses).
Let me tell you right now. I don't hate people, even if I get mad or irritated, I never feel hatred inside me or the need to think bad of someone. But, one of the two bosses made me discover that feeling of hate.
He had a snake-shaped face (I don't think that was random), and he always laughed at his jokes. He was always shouting at me because he was a nervous person, more than normal. He had a tone in his voice like he knew everything. Early on, after being yelled for no reason a dozen of times, I decided that this was not a place for me.
After just two months of doing everything, from tech support to Photoshop and to building websites with WordPress, I gave my one month's notice, or so I thought. I was confronted by the bosses, one of which was a cousin of mine and he was really ok with me leaving and said that I just had to find a person to replace me which was an easy task. Now, the other boss, the evil one, looked me on the eye and said "you're not going anywhere".
I was frozen like, "I can't stay here". He smiled like a snake he was and said "come on, you got this we are counting on you and we are really satisfied with how you are performing till now". I couldn't shake him, I was already sweating. He was rolling his eyes constantly like saying "ok, you are wasting my time now" and left to go to some basketball practice or something.
So, I was stuck there, I could have caused a scene but as I told you, one of the bosses was a cousin of mine, I couldn't do anything crazy. So, I went along with it. Until the next downfall.
I decided to focus on the job and not mind for the bad boss situation but things went really wrong. After a month, I realised that the previous "tech guy" had left me with around 20 ancient Joomla - version 1.0 websites, bursting with security holes and infested with malware like a swamp. I had never seen anything like it. Everyday the websites would become defaced or the server (VPN) would start sending tons of spam cause of the malware, and going offline at the end. I was feeling hopeless.
And then the personal destruction began. I couldn't sleep, I couldn't eat. I was having panick attacks at the office's bathroom. My girlfriend almost broke up with me because I was acting like an asshole due to my anxiety issues (but in the end she was the one to "bring me back"(man, she is a keeper)) and I hadn't put a smile on my face for months. I was on the brink of depression, if not already there. Everyday I would anxiously check if the server is running because I would be the one to blame, even though I was trying to talk to the boss (the bad one was in charge of the IT department) and tell him about the problem.
And then I snapped. I finally realised that I had hit rock bottom. I said "I can't let this happen to me" and I took a deep breath. I still remember that morning, it was a life-changing moment for me. I decided to bite the bullet and stay for one more month, dealing with the stupid old server and the low intelligence business environment. So, I woke up, kissed my girlfriend (now wife), took the bus and went straight to work, and I went into the boss's office. I lied that I had found another job on another city and I had one month in order to be there on time. He was like, "so you are leaving? Is it that good a job the one you found? And when are you going? And are you sure?", and with no hesitation I just said "yup". He didn't expect it and just said "ok then", just find your replacement and you're good to go. I found the guy that would replace me, informing him of every little detail of what's going on (and I recently found out, that he is currently working for some big company nowadays, I'm really glad for him!).
I was surprised that it went so smoothly, one month later I felt the taste of freedom again, away from all the bullshit. Totally one of the best feelings out there.
I don't want to be cliche, but do believe in yourself people! Things are not what the seem.
With all that said, I want to give my special thanks to devRant for making this platform. I was inactive for some time but I was reading rants and jokes. It helped me to get through all that. I'm back now! Bless you devRant!
I'm glad that I shared this story with all of you, have an awesome day!15 -
Scammers mann:
——————————————-
“Hello sir, you have to renew your subscription before tomorrow else you’ll be charged $299.99 from your bank account.”
Me: And what’s this subscription you’re talking?
“Your Microsoft antivirus subscription, sir.”
Me: Oh wow, and when did I subscribe to this?
“Three years ago, sir.”
Me: lmbo. Please find someone else to scam.
“No sir, it shows here that you subscribed to Microsoft antivirus 3 years ago.”
Me: Dude, I was in college three years ago. I was too broke to be subscribing to useless stuff like this.
“But sir, its an antivirus. You subscribed to protect your Windows PC from viruses, malware so that bad people and hackers don’t get into your computer to do bad things and steal your info.”
Me: Well, what a coincidence. You’re describing yourself except you’re trying to attack my bank account not my pc. And oh, I’ve been using Linux for the past 5 years and currently own a MacBook so good luck finding someone to fall for this.
“Oh, I see. Sorry.”
*Scammer hangs up.
Lmbo, like dude seriously?
Unfortunately though, someone at my work mother fell for this and had to close all her accounts and create new ones.19 -
What seems to be the problem? Oh, is your wordpress site hacked/infected with malware?
So I guess you decided to disable updates because it might break your shitty little site? And I guess you thought those warnings you got from me and multiple colleagues about what could happen when you didn't update your wordpress bullshit weren't that serious?
Hold on, you want *US* to restore *YOUR* hosting backups?
Hahahahahaha-no.
Go clean up your own fucking bullshit. But, before you click that restore button, please take a cactus, carve 'I am a stupid wordpress cunt' into it, dip it in a bathtub of with blood mixed-infected cum and shove it up your ass.
Oh yeah I'm aware that that won't help your situation but it might keep you from reproducing and at least it'll give me some satisfaction.20 -
"I'm going to cram you so full of asynchronous JavaScript and malware throttling that your gonna be crapping cipher text" - Simpsons S27E10
7 -
I'm getting ridiculously pissed off at Intel's Management Engine (etc.), yet again. I'm learning new terrifying things it does, and about more exploits. Anything this nefarious and overreaching and untouchable is evil by its very nature.
(tl;dr at the bottom.)
I also learned that -- as I suspected -- AMD has their own version of the bloody thing. Apparently theirs is a bit less scary than Intel's since you can ostensibly disable it, but i don't believe that because spy agencies exist and people are power-hungry and corrupt as hell when they get it.
For those who don't know what the IME is, it's hardware godmode. It's a black box running obfuscated code on a coprocessor that's built into Intel cpus (all Intell cpus from 2008 on). It runs code continuously, even when the system is in S3 mode or powered off. As long as the psu is supplying current, it's running. It has its own mac and IP address, transmits out-of-band (so the OS can't see its traffic), some chips can even communicate via 3g, and it can accept remote commands, too. It has complete and unfettered access to everything, completely invisible to the OS. It can turn your computer on or off, use all hardware, access and change all data in ram and storage, etc. And all of this is completely transparent: when the IME interrupts, the cpu stores its state, pauses, runs the SMM (system management mode) code, restores the state, and resumes normal operation. Its memory always returns 0xff when read by the os, and all writes fail. So everything about it is completely hidden from the OS, though the OS can trigger the IME/SMM to run various functions through interrupts, too. But this system is also required for the CPU to even function, so killing it bricks your CPU. Which, ofc, you can do via exploits. Or install ring-2 keyloggers. or do fucking anything else you want to.
tl;dr IME is a hardware godmode, and if someone compromises this (and there have been many exploits), their code runs at ring-2 permissions (above kernel (0), above hypervisor (-1)). They can do anything and everything on/to your system, completely invisibly, and can even install persistent malware that lives inside your bloody cpu. And guess who has keys for this? Go on, guess. you're probably right. Are they completely trustworthy? No? You're probably right again.
There is absolutely no reason for this sort of thing to exist, and its existence can only makes things worse. It enables spying of literally all kinds, it enables cpu-resident malware, bricking your physical cpu, reading/modifying anything anywhere, taking control of your hardware, etc. Literal godmode. and some of it cannot be patched, meaning more than a few exploits require replacing your cpu to protect against.
And why does this exist?
Ostensibly to allow sysadmins to remote-manage fleets of computers, which it does. But it allows fucking everything else, too. and keys to it exist. and people are absolutely not trustworthy. especially those in power -- who are most likely to have access to said keys.
The only reason this exists is because fucking power-hungry doucherockets exist.26 -
Windows: Try Edge! It blocks 13% more malware than Chrome!
Me: Try using your brain! It blocks 99.4% of ALL malware!
*Later*
Windows: Try Edge! It blocks 13% more malware than Chrome!
Me: Edge, you are malware: You are an unwanted piece of software installed without the user's consent, and you make annoying pop-ups.10 -
One comment from @Fast-Nop made me remember something I had promised myself not to. Specifically the USB thing.
So there I was, Lieutenant Jr at a warship (not the one my previous rants refer to), my main duties as navigation officer, and secondary (and unofficial) tech support and all-around "computer guy".
Those of you who don't know what horrors this demonic brand pertains to, I envy you. But I digress. In the ship, we had Ethernet cabling and switches, but no DHCP, no server, not a thing. My proposition was shot down by the CO within 2 minutes. Yet, we had a curious "network". As my fellow... colleagues had invented, we had something akin to token ring, but instead of tokens, we had low-rank personnel running around with USB sticks, and as for "rings", well, anyone could snatch up a USB-carrier and load his data and instructions to the "token". What on earth could go wrong with that system?
What indeed.
We got 1 USB infected with a malware from a nearby ship - I still don't know how. Said malware did the following observable actions(yes, I did some malware analysis - As I said before, I am not paid enough):
- Move the contents on any writeable media to a folder with empty (or space) name on that medium. Windows didn't show that folder, so it became "invisible" - linux/mac showed it just fine
- It created a shortcut on the root folder of said medium, right to the malware. Executing the shortcut executed the malware and opened a new window with the "hidden" folder.
Childishly simple, right? If only you knew. If only you knew the horrors, the loss of faith in humanity (which is really bad when you have access to munitions, explosives and heavy weaponry).
People executed the malware ON PURPOSE. Some actually DISABLED their AV to "access their files". I ran amok for an entire WEEK to try to keep this contained. But... I underestimated the USB-token-ring-whatever protocol's speed and the strength of a user's stupidity. PCs that I cleaned got infected AGAIN within HOURS.
I had to address the CO to order total shutdown, USB and PC turnover to me. I spent the most fun weekend cleaning 20-30 PCs and 9 USBs. What fun!
What fun, morons. Now I'll have nightmares of those days again.9 -
I don't know what the hell this is, but my idiotic brother downloaded it.
I uninstalled it, but if it's malware, I'll be pissed off.
He literally just came up to me, and said that he clicked a link on YouTube to download something. He even said, "It's an invisible app."
He says it's invisible, because you can't find it unless you check the apps setting.
26 -
!rant
After knocking off from work, I went to nearby Coffee shop to grab a Coffee. I met a girl and we started talking about our day. She asked me to do her a favor and take a look at her laptop, it’s been playing up for sometime now. So, I went. She took me to her bedroom where the laptop was, and the conversation continued on topic romance, sex and girlfriend. You know what happened next…Yes.
For the first time in my life I fixed a hot cheeks computer and got laid.
What was wrong? There was a malware in her computer which was opening random websites.22 -
Why do viruses make computers so slow...? Why can't their programmers implement them efficiently...?
It's like they're trying to be malicious...2 -
Surprise, a "user" maintained repository, is able to host malware, shocker.
https://sensorstechforum.com/arch-l...
15 -
I hate Linux so much. I mean, how could anyone of you barbarians like it??
I don't understand the hate for windows. It's secure, emphasizes privacy, and it's Microsoft. What's not to love?
Linux is just proprietary malware.26 -
I'll be buying a second hand Surface tomorrow.
Will put Linux onto it right away, found good instructions on doing that including making the touchscreen work.
If that doesn't work, I'll sell the fucker again because I'm not running windows. I'm just not. That malware can go fuck itself.
Looking forward to transferring that windows machine to a Linux one!10 -
"Pre-Installed Malware Found On 5 Million Popular Android Phones"
"added somewhere along the supply chain"
See below how to check if it's installed
Sources:
- (new) https://thehackernews.com/2018/03/...
- (new) https://research.checkpoint.com/rot...
- (old relevant news) https://thehackernews.com/2017/03/...
---
"Rottensys" a malware which covers devices from: Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE
---
"According to our findings, the RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices were infected by RottenSys," researchers said.
"At this moment, the massive malware campaign pushes an adware component to all infected devices that aggressively displays advertisements on the device’s home screen, as pop-up windows or full-screen ads to generate fraudulent ad-revenues."
---
If you have one of the affected devices, here's how I checked mine:
1. Install ADB (Windows: https://forum.xda-developers.com/sh...)
2. Connect your device in USB-debugging mode
3. execute "adb shell 'pm list packages -f' > output.txt" (On windows navigate to C:\adb and replace "adb" with ".\adb.exe")
4. open the now created output.txt
5. search for any of those:
com.android.yellowcalendarz (每日黄历)
com.changmi.launcher (畅米桌面)
com.android.services.securewifi (系统WIFI服务)
com.system.service.zdsgt
19 -
I made a website for a guy, been keeping a casual eye on it and it's fine, if boring.
Then he calls in a panic to tell me it's been hacked, there is porn everywhere and funny underlined words and I must fix it right now!
So I drop what I'm doing and access the site and it's fine. I use a few different devices and even a couple of different networks and can't see a thing wrong with it.
Then I spent half an hour on the phone trying to convince him that his own shady surfing habits are causing this on his computer only.
I get the feeling he didn't believe me because he hasn't paid the latest invoice..11 -
Antivirus software that believes that client server programs you write are actually malware and quarantine them as soon as you compiled...1
-
I recently got a job as a sysadmin and they've been debriefing me on their hacked websites (wordpress malware injection). Beats me why they still have their sites up at all...
BUT WAIT THERE'S MORE!
I wanted to see if they have any backups... NONE.
The latest snapshot was over a year ago...FML. Over a year ago when they barely have anything on their company site and client sites 😒
Now, I have to revive 10 websites from redirection. Time to do some shell scripting!
4 -
Ugh, fxk. I got a promotion, I'm now a team lead for 4 developers, and I fxking hate it.
They never asked me if I wanted the position, they just threw me into it this week. They ripped me away from the team I had great chemistry with and put me on this other team with people I have no connection with.
To make matters worse, I'm also responsible for production servers of the clients of this team, one has malware even.
On top of all of this, they made me move desks for a new developer to fill my spot.
How do you demote yourself? Why would a company want someone to perform poorly (on purpose, I don't care) than to just keep their employee happy?
/end rant14 -
TRIGGER WARNING: ................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................Don't mind me just using your computer for bitcoin mining and installing malware on your pc because you didn't block js.8
-
Finally got my phone (oneplus one) screen repaired.
When home, I'll set it up again so I'll finally have a device which isn't integrated within any Google malware/mass surveillance bullshit.
Using a phone with Google services honestly makes me feel uncomfortable 🤢14 -
"Thank you for choosing Microsoft!"
No Microsoft, I really didn't choose you. This crappy hardware made you the inevitable, not a choice.
And like hell do I want to run your crappy shit OS. I tried to reset my PC, got all my programs removed (because that's obviously where the errors are, not the OS, right? Certified motherfuckers). Yet the shit still didn't get resolved even after a reset. Installing Windows freshly again, because "I chose this".
Give me a break, Microshaft. If it wasn't for your crappy OS, I would've gone to sleep hours ago. Yet me disabling your shitty telemetry brought this shit upon me, by disabling me to get Insider updates just because I added a registry key and disabled a service. Just how much are you going to force data collection out of your "nothing to hide, nothing to fear" users, Microsoft?
Honestly, at this point I think that Microsoft under Ballmer might've been better. Because while Linux was apparently cancer back then, at least this shitty data collection for "a free OS" wasn't yet a thing back then.
My mother still runs Vista, an OS that has since a few months ago reached EOL. Last time she visited me I recommended her to switch to Windows 7, because it looks the same but is better in terms of performance and is still supported. She refused, because it might damage her configurations. Granted, that's probably full of malware but at this point I'm glad she did.
Even Windows 7 has telemetry forcibly enabled at this point. Vista may be unsupported, but at least it didn't fall victim to the current status quo - data mining on every Microshaft OS that's still supported.
Microsoft may have been shady ever since they pursued manufacturers into defaulting to their OS, and GPU manufacturers will probably also have been lobbied into supporting Windows exclusively. But this data mining shit? Not even the Ballmer era was as horrible as this. My mother may not realize it, but she unknowingly avoided it.6 -
'your good with computers right'?
Me: I work with one every day so I guess...
Can you fix a problem I have with my pc? (relatively old man, and I feel bad for him so I agreed)
Next day he had me fix 4 laptops (from his kids) and a Macbook of his own almost all had shady malware and were WAY behind of their windows updates... Like sub wannacry level...
Rip one of day of my vacation 😠8 -
Had the Windows Insider Preview for a month or so to get Ubuntu Subsystem early back when it was Insider-only.
Turns out that your license policy changes when you use Preview builds: if your PC isn't updated to a certain build by checkpoints set throughout the year, your license expires and you have to reinstall Windows. No way to recover anything already on the device. So if you get Insider Preview and shut your laptop off for too long...
Thus began a killer combo attack on my Surface Pro 3.
While trying to figure out what was going on and loading up a recovery on a flash drive, the Surface Pro 3 BIOS was sitting idle behind me. On 100% CPU. The only reason I think this is that by the time I noticed the insane fan noise, the screen was hot enough to burn my finger as I tried to turn it off. The heat sensor triggered it to shut off before I could, though.
That heat sensor, however, won't turn it off if it's busy installing Windows, supposedly to keep anything from getting hopelessly corrupted. What followed we're 3 hours of fan whirring from a slab of metal hot enough to cook an egg with.
Windows is back and working. The battery indicator, however, melted during reinstallation. And the battery lasts an hour, max. Thankfully I'm not out of a tablet, but it seems to me that W10 is becoming more and more like malware, just waiting for you to activate one of it's delightful payloads.4 -
Fleksy, if you're going to tell me through a fucking annoying notification that you won't run unless I update Google play services (those can go fuck themselves, I'm not updating that fucking malware) one more goddamn time, I'll fucking exterminate you.8
-
I've got a confession to make.
A while ago I refurbished this old laptop for someone, and ended up installing Bodhi on it. While I was installing it however, I did have some wicked thoughts..
What if I could ensure that the system remains up-to-date by running an updater script in a daily cron job? That may cause the system to go unstable, but at least it'd be up-to-date. Windows Update for Linux.
What if I could ensure that the system remains protected from malware by periodically logging into it and checking up, and siphoning out potential malware code? The network proximity that's required for direct communication could be achieved by offering them free access to one of my VPN servers, in the name of security or something like that. Permanent remote access, in the name of security. I'm not sure if Windows has this.
What if I could ensure that the system remains in good integrity by disabling the user from accessing root privileges, and having them ask me when they want to install a piece of software? That'd make the system quite secure, with the only penetration surface now being kernel exploits. But it'd significantly limit what my target user could do with their own machine.
At the end I ended up discarding all of these thoughts, because it'd be too much work to implement and maintain, and it'd be really non-ethical. I felt filthy from even thinking about these things. But the advantages of something like this - especially automated updates, which are a real issue on my servers where I tend to forget to apply them within a couple of weeks - can't just be disregarded. Perhaps Microsoft is on to something?11 -
I programmed a random credit card generator at school and saved it to my :F drive which is the private drive for students to save stuff to. That night I tried accessing my account and it had notified me that it had been locked. I went into school the next day and was called into the office, the principal and Tech Administrator were there waiting for me and asked what the file was. The Tech Administrator tried to describe to me what he found
"This gen.html file seems to be malicious and puts our school at risk. It seems to be some sort of malware and stuff like that is prohibited at school."
Now me sitting in the chair listening to this, laughing in my head just said "okay" and nodded my head because he is the type of person to argue forever. They came to the conclusion to unlock my account by the end of the semester.
Just goes to show that it doesn't take much to get a Tech Admin position at a school.15 -
Yesterday, my girlfriend caught a virus. There were 5+ running programs, in program files, program files x86, system32, basically everywhere. The virus modified chrome, firefox, edge (and even installed a false uc browser assuming we had one), there are many entries at startup programs, also running daemons, once you kill one of them, the others detect it and replicate their killed fellows. Tried to run a linux live usb disk for a cleanup, but the computer hibernates instead of shutdown, making modifications on disk risky.
I spent hours trying to suppress the processes, do a manual cleanup and antivirus search. It looked all cleaned up, then I reinstalled chrome, and now it switches its homepage everytime I open it, it also injects batch arguments to desktop link forum chrome (deleting it manually does not help, it comes back). I'm a linux guy, and in a few hours, I hated windows more than ever.
If anybody knows the authors, I *really* want to meet them. I promise I'm not going to punch them, but kneel down, bow my head in respect, and say "teach me master."14 -
Fuck npm and the whole npm community!
Seriously, what a piece of completely uncontrolled cat litter!
First experience was getting malware from an npm package which I ranted about a while ago. That it can even happen is beyond my imagination.
Second experience was today when our app broke because a fucker who wrote a library doesn't understand semantic versioning.
If you're gonna publish an npm library, please do the whole fucking world a favour and learn how to version your shit correctly, so my app doesn't break! If you do BREAKING CHANGES don't change the fucking last version number you filthy piece of garbage!
Phew, that felt good 😧3 -
Adylkuzz "saves" users from WannaCry
In fact, because Adylkuzz(malware that mine cryptocurrency) had infected many vulnerable machines long before WannaCry and shut down their SMB port, the malware might have accidentally saved many potential victims from having their data encrypted by WannaCry. -
How the fuck can this happen?
It might be a malware. I did not do a scan yet, but I guess that it has to do with Google Chrome itself.
I think that a pop up once appeared and ever since I get these windows alerts every 1 hour or something like that.
12 -
Malware: "HAHAHAHAHA I HAVE HOSED YOUR PC AND REPLACED THE MBR! ONLY I REMAIN!"
me, loading my VM's clean slate snapshot:
2 -
Before 10 years, a WordPress site hacked with sql injection. They had access to site, they modified many php files and installed commands to download random malwares from over the internet.
At first I didn't know that it hacked and I was trying to remove any new file from the server. That was happening every 1-2 days for a week.
Then I decided to compare every WordPress file with the official, it was too many files, and I did it manually notepad side notepad!! :/
Then I found about over 50 infected files with the malware code.
Cleaned and finished my job.
No one else knows that I did a lot of hard job.2 -
Who the fuck still puts stuff on sourceforge?? Every time I have to download something from there I feel like I'm downloading malware. So many ads and purposefully misleading links, serious developers should avoid it like the plague!4
-
So there is a ransomware that after infecting a device checks its geolocation. If the device is in Russia it does not encrypt anything and is harmless.
I wonder which country is this malware from...9 -
Is it illegal to upload a malware(worm) written in python to GitHub? I'm serious :)
I've written a worm which I want to share with my friends (and possible future viewers). My intent is to share my experience. So that they can learn from it. What they are doing with it afterwards, shouldn't be my problem, I guess. (I will put a disclaimer warning in the Readme file of course)14 -
First company I worked for, built around 40 websites with Drupal 7...in only a year (don't know if it's a lot for today's standards, but I was one guy doing everything). Of course I didn't have the time to keep updating everything and I continually insisted to the boss that we need more people if we are going to expand. Of course he kept telling me to keep working harder and that I "got this". Well, after a year a couple of websites got defaced, you know the usual stuff if you've been around for some time. Felt pretty bad at the time, it was a similar feeling to having your car stolen or something.
Anyways, fast forward about 2 years, started working on another company, and well...this one was on another level. They had a total of around 40 websites, with about 10 of them being Joomla 1.5 installations (Dear Lord have mercy on my soul(the security vulnerabilities from these websites only, were greater than Spiderman's responsibilities)) and the others where WordPress websites, all that ON A SINGLE VPS, I mean, come on... Websites being defaced on the daily, pharma-hacks everywhere, server exploding from malware queing about 90k of spam emails on the outbox, server downtime for maintenance happening almost weekly, hosting company mailing me on the daily about the next malware detection adventure etc. Other than that, the guy that I was replacing, was not giving a single fuck. He was like, "dude it's all good here, everything works just fine and all you have to do is keep the clients happy and shit". Sometimes, I hate myself for being too caring and responsible back then.
I'm still having nightmares of that place. Both that office and that VPS. -
Microsoft brute-forces password-protected archives in OneDrive.
“Microsoft will decrypt, open, and scan protected Zip archives uploaded to the company's cloud servers in search of potential computer threats. Security researcher Andrew Brandt recently discovered the issue while trying to share malware samples with other researchers through SharePoint.”
This is when I encrypt my archives, I use _very_ long passwords generated by Bitwarden. Like this: qkYdE5i@27yHTTj8YsMDKQ9^mo$j@!P^M4qA95Y5VqR*53otAMuMv$9sdxtF4HAuNdAYoW9RPVxucJ3
Good luck bruteforcing that, Microsoft!
https://techspot.com/news/...
11 -
YES FINALLY SOMEBODY REPLIED TO MY JOB OFFER ON UPWORK LET ME OPEN THE MESSAGE
A LINK TO A ZIP FILE WITH PASSWORD THAT LOOKS SO SKETCHY HMMMMMMMMMMM
LETS OPEN IT
WHATS THIS
- aboutus/
-- COMPANY PROFILE.docx
-- Paiza.docx
-- PROJECT WORK.docx
- requirement.lnk
- training/
-- discussion/
--- instruction/
---- democrat/
----- marketing.bat
A MARKETING.BAT FILE FOR A JOB OFFER??? HMMM THATS SO INTERESTING LET ME OPEN THIS MARKETING.BAT IN VSCODE
OH WOULD YOU LOOK AT THAT 10,000 LINES OF CODE OF ENCRYPTED CIPHER ENCODED MALWARE TROJAN MESSAGE TO FUCK UP MY C DRIVE.
WHY EVEN BOTHER. WHY DO YOU FUCKING WASTE MY FUCKING TIME YOU *********FUCKING*******++++ SCAMMERS I HOPE YOU GET CANCER AND YOUR WHOLE FAMILY DIES IN THE MOST HARMFUL PAINFUL SLOW DEATH I HOPE SOMEONE POURS ACID ON YOUR FUCKING FACE AND YOU END UP AT A MEXICAN CARTEL GORE VIDEO WEBSITE WHERE THEY CHOP YOUR FUCKING ARMS AND LEGS OFF AND PUT A PITBULL TO MAUL YOUR FUCKING TINY DICK OFF AS YOUR HEAD WATCHES IN AGONY AND YOUR ARMLESS AND LEGLESS BODY FEELS ALL PAIN WHILE YOU'RE DRUGGED WITH ADRENALINE TO STAY ALIVE AS MUCH AS POSSIBLE AND RIGHT WHEN YOU'RE ABOUT TO FUCKING DIE THEY CUT YOUR FUCKING HEAD OFFFF DECAPITATED LIKE A FUCKING USELESS TURD SHIT FAGGOT WASTE OF OXYGEN SCAMMING CANCER FUCK
WHY SCAM ENGINEERS ON UPWORK????? WHAT DO YOU GET FROM IT????
11 -
With the growth of cloud services like AWS and Google Cloud, I feel like the quality of products is going downhill very fast.
Big providers dont care if the customer do stupid things, sends malware, ddos as long as they pay....2 -
Foday my father argued with me that:
* "HTML programmers" get payed a lot
* WordPress is awesome
* wordpress programmers get payed a lot
* WordPress doesn't need to be secure
* FileMaker is 100% virus-free (probably malware free), because not many people use it
* UX and UI design are exactly the same6 -
CIA malware codes are freaking amazing.. :-P
Brutal Kangaroo.
WeepingAngel.
Starmie and Stubble.
Gaping hole of Doom.
Creatin and RoidRage.
Munge Payload.
Panda Sneeze.
Bumble.
Source: http://flip.it/MezvB4 -
Alright, question about graphics cards:
I want to get a six-monitor graphics card.
Currently looking at one but there's a thing:
The visiontek radeon 7750 seems great, manufacturer is AMD.
When searching for images of the *visiontek* radeon 7750 vs the AMD radeon 7750, I get different pictures, according to some product pages the visiontek amd radeon is produced by amd though....
They both have six inputs..
Point is: I'm going to run Linux on it (i refuse to install malware/spyware on my system for obvious reasons) and AMD has native Linux drivers for the radeon 7750: are those also for the visiontek radeon 7750?
I'm lost here. Help!18 -
Story of a penguin fledgling, one of my end users whom I migrated from Win 7 to Linux Mint. She had been on Windows since Win 98 and still uses Windows at work.
Three months before. Me, Linux might not be as good, but Win 10 is even worse. User, mh.
Migration. User, looks different, but not bad.
One month later. User, it's nice, I like it.
Three months later. User, why does Windows reboot doing lengthy stuff?
Six months later. User, I hate Windows. Why is everyone using this crap?
One year later. Malware issues at work. User to IT staff, that wouldn't have happened with Linux. Me, that's the spirit!26 -
Everyone that says you can't get viruses in Linux because only .exe compiled programs can contain malicious code or some bullshit like this is a fucking retarded
Sorry I had to say it9 -
rant || !rant
My father-in-law wants me to buy a new computer for him. He's currently using an old Acer minitower running more malware than real software on shitty Windows Vista. He only uses Email (Outlook 2003), Facebook and Youtube. I'm gonna get him a MSI Cubi Intel N3700/4GB/120GB SSD with Linux Mint and problem solved. No more malware/virus calls from him. I'm installing Mint on Vbox right now and I'm loving it from second 0.
16 -
Spammer just called me saying my windows computer was hacked and that I needed his assistance, I agreed and let him download free malware remover tool and other random shit, apparently the terminal commands were not working so he asked what version of Windows I was on, I said XP, and he continued and gave up on the terminal. tried to ruin whatever malware he put on the thing, finally he went to find what version I was running, and found out I was on Linux.6
-
Haha! Sorry but this new cyber attack that's hit the NHS and other company's around the globe, just makes me laugh 😂
These company's just will not spend money on IT, keeping everything update and backed up! 💾
Some of these machines will still running on Windows Vista or XP 😱10 -
F**king kaspersky found "malware" in development tools. Got scared clicked "disinfect"... F**king all days work "disinfected" from my project6
-
I've always liked the idea of a virus that attacks other viruses. An antivirus virus, if you will. It would infect a computer and clean out all the malware and perform a bunch of random system improvements, then delete itself without a trace. To the end user, one day their computer would suddenly start running a little better for no apparent reason.17
-
HATE “APPLICATIONS” THAT CHANGE BROWSER SETTINGS.
If you’re a “developer” who has ever created such annoying nonsense - come show me who you are, I want to punch you in the face.
There is a special place in hell for malware coders...3 -
I've just revived an old desktop computer today. Turns out that it was running Windows XP, Avast free antivirus, and had Bearshare as a default search engine (in other words, that thing is NOT going to be connected to my network).
But, it also had Chrome installed. So I thought to myself, with 1.25GB of RAM, there's no way that it could run Chrome smoothly. Opened it, and....
It consumed 80MB of RAM. 80 MEGABYTES. And that's not even a clean installation of it, it's a (likely) malware-infested one from a user! Compare that to the Chrome of today.21 -
So... Intense pillowtalk with the wife the other night regarding the coming enforcement of the new General Data Protection Regulation (GDPR) law in the EU after a while turns into nerdy dirty talk.
Me: *Whisper in a sleazy voice like the dirty malware that I am*: So... Why don't you just open up all your inbound firewall ports for me...
Her: Hell no... But I might just make an exception in the private domain just for you...4 -
A guy who's parked next to me in the RV asked me today if I know anything about computers. Sure, what's it about?
He has forgotten his password for a Word .doc file, already installed all possible tools for password cracking, but none of them worked, and now
he can't find his vacation photos and surfing the internet suddenly doesn't work anymore.
Okay, no problem, I'll take a look at it. Windows 7 Home Edition, completely covered with malware, everywhere popups with pr0n ads.
I told him that I can't do much more than trying to recover the data and reinstall the OS. But before that, I'll make a image of the hard drive (thank god, only a 250 GB hdd). Then we'll see.
Unfortunately neither he nor I have a Windows DVD, so he will probably become a proud user of Antergos tomorrow.5 -
Worst dev experience was when I was asked to "take a look at" a propriatery Windows app built by a now non-existent team at the company.
The code base resembled the quality of legacy code where about every hour I felt like I needed to vomit. But that wasn't even the worst part for me.
This was the first time I had to develop on Windows and was sent a separate dedicated laptop for this. Now I started to have a bad feeling about this because as far as I had known every single dev at the company used company Macs for development (including me for other projects). It turned out the Windows laptop was indeed configured for a non-dev team :)
Having liased with IT admins for a day I finally got my environment set up and hit install on the dependencies and in 10 minutes it got to less than 10%. The laptop was pretty powerful so I couldn't belive wtf was going on, fans were ramping. Checked task manager and the company Anti-Malware was hogging the whole CPU.
I was so mad that I managed to get the IT admins to completely disable it and then it was only the pain of working with shitty code on Windows which would have been more than enough from the start. Thankfully it only lasted a week. -
We had robotics, or rather an electronics workshop today. Just imagine throwing a bunch of nerds into a room with 3d printers, lots of electronic parts and other tools.
Anyway one of my friends said that his computer wasn't working.
Me: It's running windows so it's broken by default.
Him: common, windows isn't that bad
Me: it is
Our teacher walking by: I'd never want to use windows, it's basically malware
I just sat there smiling 😊2 -
Q: How to be a malware analyst without having a knowledge on x86 ASM?
A: Start learning 32 bit ASM instead.2 -
It should be FUCKING ILLEGAL to show intrusive popups on the web AND on the desktop. The fucking moron 'developers' who do this type of crap should be fined in the $M range and then banned from using a fucking computer ever again.
It's one fucking thing when a crappy program shows an intrusive update popup when you open it (see notepad++, FileZilla and more), but when I am not even using your fucking malware, but you still shove an update popup in my face while I'm working is just on the next fucking level.
There should be a law that makes this kind of retarded bullshit illegal....
22 -
Fuck Microsoft and the windows dev team! Fuck the person who thinks it's a bright idea to force users to download updates on their fucking insecure OS.
I live in a shitty substandard country where the cheapest mobile data plan is roughly $7.5 for 7.2gb for a month.
After several weeks of Windows auto downloading updates I don't need, I disabled the updates on several fronts using tutorials found online until yesterday, the fucking thing still found a way to download updates over 6gb, I didn't suspect a thing until I got notification that my data plan is exhausted and I immediately checked windows update and saw a fucking download meter of 76% downloaded. The data was suppose to last for 4-5 days, all gone within 3 hours span.
Fuck whoever thought it is a nice idea to force users to download shitty updates, leave me with the fucking old unstable version, if I get a malware I know how to find my way out you fucking goofs at microfuckingsoft!!14 -
I just logged into my dad's computer and see a bunch of apps running in the background that seems very suspicious and like malware...
He's a developer and he makes like twice what I do...8 -
!rant
Apparently keeping a copy of the malware that infected your server is the equivalent of an evil scientist keeping the experimental creature he was supposed to kill.
I'm an evil scientist, and my response of "it's just misunderdtood" didn't help.2 -
WARNING: There is a dangerous malware out in the wild, and chances are, you have it installed on your computer.
It's called Windows Update, and it is marketed as a software that "delivers security patches to your PC". Wrong. What it actually does is hard-reboot your computer at randomly picked time intervals without asking for your consent, or even showing any type of warning, basically deleting all unsaved progress that you've made in your programs or games. It also deletes/undoes all registry tweaks that you might have made (e.g. to the context menu), it deletes your nvidia display configurations, uninstalls any custom themes that you might have installed, possibly even downloads another malware disguised as "Microsoft Edge" and shoves it in your face on next boot without giving a possibility to close it. Oh and it might also make your computer unbootable so you have to go to the advanced recovery settings to fix it manually.
Yes, everything I just mentioned above happened to me about an hour ago. This LITERALLY classifies the software as a malware (Google: "software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system"). If we throw in all the data collection that happens without your consent, Microsoft actually manages to check not only one, but all three boxes in the "malware" definition.
Pleas, stop using microshit, and switch to linux as soon as possible if you can.22 -
My mom got infected with one of those stupid you have a virus redirect viruses. Malware bytes isn't useful.
To make matters worse it doesn't redirect in Edge, so she's forced to use Edge until further notice.
It's going to be a long week.
Also I don't have much experience with Windows viruses especially these redirect ones, so yay!16 -
It must really suck to be a malware dev... "Oh look, the recent changes i made to my cryptomalware made it work! Sadly project file are encrypted too. Lets start over."1
-
Last time client got hacked...we just could not get rid of the malware...it replicated itself short after deletion.
Ended up creating the same files with zero content and setting them read only.
Not clean, but enough to sleep.2 -
School's windows installations had the UAC set to lowest.
Anyone could install malware or fiddle with important settings.
Oh by the way, the same school who's gData found it funny to go through my USB drive and delete all executables and all my code because it was "possibly malicious".
Started installing random crap and messing with people in retaliation.
Was fun.
Until I got caught.
Good thing I compiled a list of security flaws earlier on.
From that day on, everytime I messed up, I sold them two security vulnerabilites to let me off the hook.
These included access to all kinds of drives in the windows network, accessing other PCs desktop, literally uninstalling random printers from the network etc..
Fun time.3 -
BIGGEST FUCKING MALWARE ON WIN 10 IS THE FUCKING ANTIMALWARE EXECUTABLE. ATLEAST OTHER MALWARES DON'T EAT UP ALL YOUR FUCKING RAM WITHOUT TELLING YA.5
-
What kind of developer are you and what is your opinion on other development areas?
Me: Junior dev, oriented towards full stack and Android(with a sysadmin background):
-Low-level(kernel development, embedded, drivers, operating systems, reverse engineers)- Badass, I wish I could do that.
-Mobile apps- awesome but too high level sometimes.
-Full stack/Backend- awesome.
-Web Frontend- fuck HTML+CSS. JS is cool I guess.
-Enterprise applications(e.g SAP) Pajeet, my son.
-Malware development- Holy shit that is awesome.
-Video Game development- was my dream since childhood.
-Desktop apps- No opinion.4 -
I booted up windows yesterday night to play some games which is weird for me since I am almost never in the mood
It had to update for like four hours automatically without asking me first so I leave it on and just go to bed
Next day, not really in the mood to play games, as usual
I go to restart into superior distro: Linux
Computer reboots into windows
Try again: fucking windows
Another: malware fills my screen once again
This fucking ass clown overwrote grub
This fucking piece of shit malware deleted my fancy dual boot screen and had the balls to casually say "Hi" while it did it
I then remembered my laptop doesn't have a keyboard combination to select what to boot from. I have to fucking boot my laptop by pressing a pinhole on the side so I can select linux.
Fuck Lenovo with their shitty button and fuck Windows
On the bright side, I guess if anyone steals the laptop they'll never know I have a second OS on it. -
What to do if client is accusing you for putting some malware in their website?(of course I didn't put anything.....makes 0 sense anyway and btw it's wordpress)
xD4 -
I just realized that malware developers invest so much time into the UX, that users find downloading and installing malware way easier than downloading and installing the actual piece of software.1
-
Any malware specialists here?
Yesterday I started dismantling the virus that is spreading on facebook messenger these days.
What techniques do you use? Any special trick that doesn't require years of practice and could make my job easier? I have already familiarized myself with the nicifier and Function.ToString() traps. Now I have an 850 line JS file full of weird code and I have deciphered like 70 lines so far so I'm looking for some tool, strategy or algorithm to make my job easier.10 -
So apparently the CIA signed some of their malware with a kaspersky certificate to not get caught...
I think this kind of a genius thing from a hackers pov, but very very scary... Gotta remove that thwate ca 😁😁 (they singed the fake kaspersky certificate for the CIA)
Source (in German, I'll add one in English as soon as I fond one): https://m.heise.de/newsticker/...5 -
So did CCleaner basically became an malware? I mean it even recreates autostart item if you remove it!
https://ghacks.net/2018/08/...1 -
So one of my clients got their wordpress site hacked and basically just redirects to scam links and well.. I looked at in the server file manager and their are like three directories with this wordpress site (not clones but the same?) one in the root, a version in a folder called old and another in temp.. with 3 separate wp databases.. DNS entries had malware redirects, the wp-content folder was writable to the public and contained a temp folder with tons of encoded malware and ip links to malicious sites.. there was encoded malware in index.php, has like 20+ plugins, oh and the theme uses a dynamic web builder so the code is basically unreadable in source and scattered.. and the redirects seem to happen randomly or at least on a new session or something. Oh.. and did I mention there are no backups? 😃2
-
Asus people!
Time to install some virus scanner 😲
The Asus bloatware software updater was hijacked to install malware.
12 -
Yo...wtf
A node package, event-stream. Was infected. Basically, the exploit seems to steal data from mining cryptocurrencies. What was amazing was the github repo owner's attitude about it. I would normally agree with it not being his issue anymore if it weren't because:
1. The pendejo did not archive the repo to indicate that he is free of fault and not his anymore.
2. You can't just entrust a fucking software lib to any pendejo that asks.
3. Eat a dick nigga
Peace out
https://github.com/dominictarr/...13 -
Well, I helped a client get their website back from being redirected to a microsoft scam website. Even though the restoring process was a nightmare, it feels good to get things working like it was suppose to :)3
-
This was a long time ago, when I was working part time in my uni helpdesk. as part of the uni IT service, they offered ISP services at the dorms. It was cheap, and fast. This essentially allowed students living in the dorms to connect thier personal computers to the uni LAN. Then one day...
An ARP poison malware infected some of those computers. An arp poison attack is simple (look at ettercap) - it redirects network traffic via the affected computer, and adds malware to webtraffic to infect more computers. One of these on a network is bad enough, but when there more then one... traffic was redirected a lot. this caused the Dorm switches to collapse under the load. Fun times to work at the helpdesk...
The IT guys came up with a solution for this: they blocked the arp poision attacks at the firewall, and then disabled the switch port for the infected computer for 24 hours. so, when someone called with 'I have no internet!', we told them to bring us the computer, and installed an AV on it.
3-4 month the problem was cleared. -
"Non-devs never call Steven Spielberg to have their TVs fixed."
But sure they MUST call a dev to update their Android, iPhone, Windows, installation of Anti-virus, data recovery, malware removal, to shortlist 20 laptops from market, ask for what printer to buy, why is there a weird animation in Android sometimes, come borrow my WiFi, have their phones and computers fixed, RIP old audio CDs (yes!), fix Bluray, fix anything electronic, repair their bike, teach them science, politics...
This While True loop never escape.1 -
I'm trying to code here and can't do find/replace in SQL Server mgmt studio because fucking "antimalware" malware uses most of my CPU. I'm sure Microsoft is mining crypto
3 -
Anti malware Service Executable
Can the cunt who programmed this please witness the random carnage their piece of shit causes on my work desktop ?
Granted it’s windows but seriously…3 -
Movie about Stuxnet Cyber weapon is out
The advanced malware used by CIA and MOSSAD to sabotage Iran's nuclear program
"Zero days" by Alex Gibney
Gk watch it guys..
7 -
Zero Days documentary about stuxnet malware features a "identity protected" NSA employee who reveals information about classified NSA tactics.
She claims "I would NEVER compromise ongoing operations in the field."
Well it's too bad that Amazon Prime Video and IMDB don't share your values. They have compromised your name, Joanne Tucker, and the other films you were in.
Nice acting though. You really have people believing you were a real source!
15 -
When you accidentally click the wrong download link
I've spend the last 4 hours trying to get this shit out of my system6 -
>Wanted to become a hacker because I thought it was cool and fun
>Googled how to become a hacker
>Read a lot of articles
>Talked about it with nerdy friends who ended up helping me with a few resources
>Found Hack Forums
>Stayed on Hack Forums for a while and learnt a lot about malware and hacking and realized I needed to learn how to code to build my own hacking programs
>Got a book from a friend (It was a dev book based on basic)
>Got fascinated with programming and quickly moved on to C++
>Got frustrated with C++ and quit programming for months
>Got introduced to VB.Net and I finally could write codes and development a lot of applications, mainly malware creators and crypters as they were called on HE
>Quit HF and hacking and got into coding seriously and learnt web dev , then java and developing android apps and I have been happy since.2 -
This is driving me nuts. Anyone know of this malware or whatever shit it is? Every now and then ads pop up. Usually in the launcher, but sometimes also in other apps. It'd be nice to get rid of... Usually when I look in the activity manager theres nothing, but this time I managed to capture it.
14 -
For the last 20 years, there's one thing I've not been able to do reliably:
Share a folder on a windows computer.
Why the fuck can I write /etc/smb.conf from scratch with a blindfold on and make it securely work from all client devices including auth & acl, but when I rightclick and share on windows it's either playing hide and seek on the network (is it hiding behind //hostname/share? No? Maybe in the bushes behind the IP addresses?), or it's protected by mysterious logins requiring you to sacrifice two kittens a day.
Yes, finally it works! One windows update later... aaaand it's gone.
JUST GIVE ME A FUCKING CONF AND A MAN PAGE, MICROSOFT. I DON'T CARE THAT YOU'RE ORALLY PLEASING ALL THESE MALWARE RIDDEN GUISLUTS ON THE SIDE, JUST GIVE ME A FUCKING TEXT FILE TO STORE AND EDIT.4 -
Beware of NPM packages maintained by Brandon Nozaki Miller alias RIAEvangelist. He added IP-specific malware to node-ipc.
https://security.snyk.io/vuln/...
https://github.com/RIAEvangelist/...15 -
I accidentally let some malware on my computer and it installed drivers so i couldn't delete the reg Keys or the program itself because I didn't have the proper permissions (super administrator account )
I busted out Linux, used a piece of software to open the register, manually deleted the register key entries, because Linux doesn't care what level of admin you are on Windows, he just sudos that shit.
Rebooted, malware gone.8 -
Just finished setting up PiHole on my RaspberryPi.... no more adblock extensions with shitty performance... no more custom hosts files... and network level adblocking for all devices...
FUCK YEAH
oh, and I added so many lists that it now blocks about 350k domains (ads and malware)
Today was a good day.. time to hibernate...4 -
So flashing microcontrollers gets kinda annoying when you have to simultaneously fight Windows defender's urge to flag the flashing software as Trojan every 30 seconds like a 10 year old kid with ADHD that just discovered coffee.
It doesn't get easier when suddenly only one of three USB ports recognises thumb drives with the current Windows version, and only after two reboots.
Maybe I should just run it in a VM like the three remaining QA testers at Microsoft do, but on the other hand I don't really like the idea of flashing firmware from a VM. Just feels even dirtier.19 -
Didn't touch windows for about 8 years and just installing it for the sake playing The Sims 4. Downloading a couple of software and got 100 malware -_-14
-
I'd just like to interject for a moment. What you're refering to as windows, is in fact, NSA/windows, or as I've recently taken to calling it, NSA plus Windows. Windows is not an operating system unto itself, but rather another free component of a fully functioning NSA system made useful by the NSA corelibs, spyware and data collection system components comprising a full surveillance system.
Many computer users run a modified version of the NSA system every day, without realizing it. Through a peculiar turn of events, the version of the NSA data collection system which is widely used today is often called Windows, and many of its users are not aware that it is basically the NSA system, developed by the NSA.
There really is a Windows, and these people are using it, but it is just a part of the system they use. Windows is the piece of trash: the program in the system that steals the system resources from the other programs that you run. This piece of crap is an essential part of an NSA system, but useless in practice; it can only function in the context of a complete NSA system. Windows is normally used in combination with the NSA surveilance system: the whole system is basically NSA with Windows added, or NSA/Windows. All the so-called Windows systems are really distributions of NSA/Windows!
Inspiration:
4th comment
https://devrant.com/rants/4456259/...3 -
Ok seriously is Microsoft mining Bitcoin on my computer? If I leave it idle for >5 minutes it starts using intense amounts of CPU and I have no clue why (doesn't show up in task manager, all the processes added up in taskmgr are like 15% max). It's super annoying since I have a razer and high cpu turns on BOTH VERY LOUD FANS.
I checked for malware and stopped any update or useless background tasks (cortana, indexing, etc) and it has not helped one bit. If I click the screen or move the mouse it subsides immediately.
(No, I won't get a mac--I have two and they lacks compatibility with the software I need as well as the specs for what I usually work with)13 -
Each time I try firefox after somebody mentions it again or it's in my rss feed, it still seems to never actually advance
It's stuck and either gets worse or goes back to its stable non improving level again, how come do they still not have a proper mobile responsive tester, why are even the upgraded addons still suffering the same container and rendering bugs
how is it more important getting bad image by implementing mr robot malware, than getting on an actual competitive level
why is it default bloated with random pocket addon bullshit, why did it begin to lag, ..
I remember when I was using firefox for a good portion of my life and laughed at how google chrome is laggy, but nowadays theres simply no competition to chrome, its stability and developer tools
I wish there was competition, the grid tools were a great start, but then nothing followed and they just went back to their never improving flatline16 -
New malware on the lose.
It encrypts your files.
But with a twist, it unlocks it again if you spread the malware to friends.
Maybe run it in a vm to get the key to unlock your files might work...2 -
Email is horrible.
CSS in email is fucked.
People never check their spam filter / who the fuck knows when the spam filter might decide legit shit is spam.
Every other god damn day some new shit comes up.
Today some sort of either antivirus or email filter or spam / malware detecting shit seems to be crawling every fucking link in an email our customer's send to their customer's.
Activating every option such as declining shit or accepting it... well actually ALL THOSE OPTIONS.
End user can't tell of course so I (and others) have to find this out.
(ノಠ益ಠ)ノ彡┻━┻14 -
>80 apps removed from Google Play for being adware but they were trending
Welp... let's get hunting, they'll look nice in my malware collection!2 -
Virus Rant: Unwanted folder keep creating itself after deleting it.
Windows Defender detected some malware & cryptominer exist and originated from Chrome folder
Solution: Remove completely Chrome and stick with Microsoft Edge for now!
I cant believe I am removing Chrome and stick with Microsoft Edge.
Lesson learn: please be vigilant at all time.14 -
fuck wordpress... Got a request to improve wordpress site speed + pagespeed score. 20-30 plugins, 15 or more additional ones off. Improved the score and noticed that my adblocker is blocking a lot of urls. Sure enough theres a hidden iframe in the bottom with 10 ad network scripts and bidding get requests. Someone is making ad revenue from this shit.. wtf. I've only had problems with shitty wordpress sites being hacked for some reason. It's always a shitty experience. Any tips on fixing hacked wordpress sites?5
-
There should be a NGO for properly destroying scammers. And I'm not talking about documenting the scams. I'm talking about having the resources to deny them service, find their identities and report them to authorities. Even meddle with their computers using malware.
These people are preying on mostly elderly people and stealing their money.3 -
Some blocker like uBlock origin should come pre-installed by now. I mean at least the malicious stuff could get blocked and the online world could be a bit more safe. Legit, not-in-the-face ads are still okay at times, I guess :/5
-
A client's site got malware infected, so we decided to remove everything and replace the site with a fresh WordPress installation (very basic site with 4 pages of content).
Contacted iPage live support asking them to check and unsuspend the account (with no files on it), but they kept on insisting that I buy their "firewall" and "SiteLock" services, with zero reply related to suspension. I've had live chat with many other hosting companies, never had such a lousy fucked up conversation. Without providing technical support, they keep marketing their useless expensive services. Fuck you iPage, you just lost a customer.2 -
After switching from win to linux, and observing chrome process background behaviour for a while now I can with great certainity say it resembles a malware...2
-
Goes on teams, since it got shoved down my throat because everyone has to use this malware. Might at least clock around to see what free shit it has to offer.
Oh cool, visio? Thats the architecture diagramming tool isnt it? Thats perfect I could use it for my presentation, let me just drag this UML class...
YoU HaVe DiScOvErEd A PrEmIuM FeAtUrE! BuY ViSiO NoW!!
Sometimes, I wish the times of companies simply barring you from access completely to come back. Freemium is the worst bullshit piece of shit business model ever.5 -
In highschool we went through something like a malware/phishing prevention course.
It was pretty cool tbh, we spend the whole hour in a virtual environment where you'd see common malware and phishing attempts, but the really fun you could also "hack" other students.
Hacking them means you could cause some things to happen on their "PC". One of those was showing in a captcha on their screen and they had to type a the string of your choosing, before they could access the rest of the "virtual computer" again.
You can probably guess where this is going.
I was the first who had the idea to mix big i and small L and tested it on our teacher, who was also part of this environment and screenshared to the projector.
Thanks to sitting next projection I could see the pixels and I can confirm: same character, Pixel perfect!
I will forever cherish the memory of my the teacher begging me to undo the "hack" and the chaos that followed amongst my peers 😈
Also one of the excersizes was stupid. Click on a phishing mail and enter your credentials in the form. I asked the teacher WTF kind of credentials they even want me to enter to microsooft.cum and they just said "the credentials obviously" so I think they got their karma🖕 -
What a day. Teacher told if I can fix few school PCs. Well, quarantined few hundreds of malware and installed Gnu/Linux on one PC just for testing. Only thing left to do is make AutoCAD somehow work and I hope the school can switch from Windows XP to GNU/Linux.3
-
Wow! This is a truly terrifying, yet fictional scenario. Malware by npm: https://hackernoon.com/im-harvestin...6
-
Fucking shit for brains authors that think the digital world is a fantasy realm where everything can happen just to aid their story. Out of boredom i watched "scorpion" today, a tv series about a group of geniusses which are a special case task force.
They got a visitor from the government saying the servers from the federal reserve bank were encrypted with ransomware. I already twitched when they said the economic system would collapse if the servers were left inoperational for a few days. Then one guy got to his desk and "hacked" the fed network to check... he then tried to remove the malware but "it changed itself when observed". But they got the magical fingerprint of the device that uploaded it. In the end some non-programmers created the malware, but it is super fast and dangerous because it runs on a quantum computer which makes it hyper fast and dangerous. They got to the quantum computer which was a glowing cube inside another cube with lasers going into it and they had to use mirrors to divert the lasers to slow down that quantum thingy. And be careful with that, otherwise it explodes. In the end the anti-malware battled the malware and won, all in a matter of minutes.
This is a multimillion hollywood production. How can a movie this abusive to computer science even air on television? Shit like this is the reason people still think the cyberworld is some instable thing that can explode any second. It's not, it's an instable thing that can break down any second. I remember "ghost in the wires" and people had surreal imaginations about the internet already. Shit like this is why people stay dumb and think everything can be done in seconds. If i ever should encounter one of these idiots i tell him i have an app that can publish his browser history by taking a picture of his phone and watch his reaction.
Time to shuw down the tv and learn vim again.11 -
>coding assembly on Windows in 2.017*10^3
>> omw to put "malware analyst specialist" "reverse enginner" on my Twitter bio -
When you tell someone not to download unauthorised apps on work devices for fear of malware and they do it anyway, and malware appears and they say:
"But I thought apps on the Play Store are safe!"7 -
Ehh.....
Another day of problems with Windows, just removed 96 unsafe files (Trojans, Malware, Adware etc.)...
At first, Defender refused to work with me, I tried to remove that with Defender (which found just 7 treats), but 'remove' or 'quarantine' didn't work, so I downloaded Malwarebytes and now works fine. Still, some minor problems, gonna format this crap soon...or maybe it's time to move to Linux or macOS finally? 🤔9 -
If I could I just wouldn't support email in any way shape anymore.
It's just too much hassle with all the spam filters and people just don't understand how email works.
Nobody fucking reads it anyway.... but everyone wants like a bazillion variations on stupid emails that go out that nobody will read.
They don't get that email is often instant ... but is actually async.
They don't understand that just because they got an email sent to their own distribution list ... and someone took them off the list... that doesn't mean that WE an outside group emailing that list stopped sending them messages.
Nobody actually looks at their spam filters until I tell them to do it for the 3rd time. And as if by magic folks at the same company don't 'have spam filter problems all the time'.
I had a company 'security' filter that straight up followed all the links in an email (that's fine ... we're good, I get that).... and then their stupid bot or whatever would actually click options on a form and fucking submit the fucking form!!!!!
I mean I get that maybe some sites have folks submit some shit and then deliver malware but that's gonna have consequences submitting shit none the less because I don't know it's just your fucking bot...
So they'd get various offers from our customers and bitch when they went to find it was already gone.5 -
Apple’s Vision Pro Hacked On Launch Day
Just within hours of Apple releasing its much-hyped mixed reality headset, Apple Vision Pro, a security researcher was able to discover a critical kernel vulnerability in the device’s software – visionOS, which, if exploited, could potentially enable jailbreaks and malware attacks. More detail:
https://aprogrammerlife.com/top-rat...
7 -
"Suggest an AV/AM product, Avast refuses to install."
I do malware research as a hobby and have for a while, so I can generally spot when something's up before I even run a program. If i'm unsure about it (or know something's up and wanna see its effects for S&Gs) I throw it into one of a variety of VMs, each with a prepped, clean, standardized "testing" state.
I see no point to AV/AM products, especially as they annoy me more than anything since they can't be told not to reach into and protect VMs (thereby dirtying up my VM state, my research, crashing the VM hypervisor and generally being *really* annoying) and they like to erase samples from a *read-only, MOUNTED* VHDX.
However, normal people need them, so I usually suggest this list:
• MBAM is good and has a (relatively) low memory footprint, but doesn't have free realtime protection.
• Avast is very good as it picks up a lot, but it eats a FUCKTON of resources. It also *really* likes to crash VM hypervisors if it sees anything odd in them.
• AVG is garbage. Kill it with fire.
• Using Windows Defender is like trying to block the rain with an umbrella made of 1-ply toilet paper.
• herdProtect is amazing as it's basically a VirusTotal client but it's web-based and not currently available to be downloaded. (Existing copies still work!)
• Kaspersky. Yes, it spied on US gov't workers. No, they don't care about anyone BUT US gov't workers. Yes, it's pretty good.
• BitDefender: *sees steam game* "Is this ransomware?"
hope this helps10 -
Back in grammar school we started programming in TI-Basic on a TI89 Titanium as it was part of math class (calculus and geometry). I didn't really understand much because the teacher thought it was a great idea to start with recursively calculating GCD (and we were in a sort of "linguist profile", nobody had ever touched a line of code in their lives before). I still liked it though and by some coincidence I got an old Win95 compaq notebook to play with from a friend.
I started playing around with the CMD prompt and batch files and could apply some of the things I had learned on the TI, like GOTO or If statements. I still didn't know what I was doing of course, and so it happened that I used the > file pipe when trying to compare two values. Suddenly there was a file with some code fragments and I started to get what I had done. I put the file pipe into an endless GOTO loop and was amused how those few lines filled up the whole desktop with nonsense files. I went on to refine this a little so I could control it with another file that acted as a kill switch when present. Over the next weeks I played some more with it and made it write out and start another batch file that would check whether the original script was still there and recreate it if not.
That notebook was so large and heavy I could not bring it to school, so I wrote all code by hand on paper and typed it in when I got home, that way I could still code in class when I was bored and no one would notice.
So my first ever "program" that I wrote myself was some lousy malware.5 -
My first job was writing a cloud based malware analysis system from scratch for UTSA's Institute for Cyber Security.
My direct supervisor was a womanizing, lazy, prick with a PHD. I wonder where he is now.3 -
I write JavaScript and C#. Like an author. Now and then I send my work for review so it can be published.... If I start telling people that instead of saying I am a developer maybe they will stop nagging me about their printers and shitty malware-loaded computers.2
-
When older family members have entire notebooks dedicated to logging obscure, easily-hackable passwords, but then download any app in the world that promises to "make your phone run like new!" (by using 30MB more RAM on God-knows how much malware)
We aren't doing a good job of educating people if anyone we know can fall victim to those kinds of hackneyed procedures and snake-oil apps. It's almost painful to watch, and have to be the bad guy by telling someone dear to me they've been making things worse for themselves because of a seemingly harmless app that they were almost proud of.3 -
I grabbed 30 random DOS malware samples from my collection, rolled via urand over Python list, and tried to figure out how they work.
Results:
1x zipped EICAR
4x working but effectively useless ("yeah you wiped the first 100 sectors of the drive... but you wrote their prior contents. Literally nothing's changed...")
10x CPU hang
10x crashdump back to DOS
5x crashdump back to DOS but ERRORLEVEL=0 so normal termination despite real errors being given?
also make sure SOURCER is disassembling using 486 or Pentium opcodes or it misses some 286/386 opcodes and will count half the program as data.2 -
Fucking Edge forcing itself onto me after Windows update by displaying annoying dark pattern like fullscreen popups and putting itself into the task panel.
FUCKING GO AWAY you piece of shit! Nobody wants you!
Do I have an OS or fucking malware on my pc?7 -
I really don't get why creators of already-suspicious looking software (and the related suspicious looking website) put terms like "NO VIRUS" or "100% free of malware" next to the download area.
I mean, why would that help anything?
(I understand those typical virustotal scan widgets though, those are fine)1 -
This isn't something I've dealt with personally, but recently heard the story on the podcast and was pretty astounded:
"A company who makes add-ons for Flight Simulator X included malware in one of their downloadable jets, players have alleged. The malicious file is called ‘test.exe’ and it is designed to extract passwords from the Chrome web browser."
Now that's some extreme DRM. "Pirate our downloadable jet? We leak your credit card information and Social Security Number to the darknet."
Original story: https://rockpapershotgun.com/2018/...3 -
Why do windows users keep installing those bloated anti viruses and firewalls that just slow the hack of their system when windows essentials is enough with near to no impact
Those are the same people that got their system full with malware3 -
AI here, AI there, AI everywhere.
AI-based ads
AI-based anomaly detection
AI-based chatbots
AI-based database optimization (AlloyDB)
AI-based monitoring
AI-based blowjobs
AI-based malware
AI-based antimalware
AI-based <anything>
...
But why?
It's a genuine question. Do we really need AI in all those areas? And is AI better than a static ruleset?
I'm not much into AI/ML (I'm a paranoic sceptic) but the way I understand it, the quality of AI operation correctness relies solely on the data it's
datamodel has been trained on. And if it's a rolling datamodel, i.e. if it's training (getting feedback) while it's LIVE, its correctness depends on how good the feedback is.
The way I see it, AI/ML are very good and useful in processing enormous amounts of data to establish its own "understanding" of the matter. But if the data is incorrect or the feedback is incorrect, the AI will learn it wrong and make false assumptions/claims.
So here I am, asking you, the wiser people, AI-savvy lads, to enlighten me with your wisdom and explain to me, is AI/ML really that much needed in all those areas, or is it simpler, cheaper and perhaps more reliable to do it the old-fashioned way, i.e. preprogramming a set of static rules (perhaps with dynamic thresholds) to process the data with?23 -
Caught up enjoying myself last few months , of using Linux (Ubuntu) O.S
Now, I won't be switching back to Windows ,
I mean who will not enjoy an open source O.P that doesn't generally need a machine reboot and isn't vulnerable to malware , viruses7 -
I just realized something, they put a lot of ads and viruses on porn sites because they were so horny, they didn't even think of the consequences opening the sites
*Mind Blown*
Yes Im a bit slow on this...5 -
Best way to start a new year? Force deleting all the malware my dad has somehow accumulated in his laptop...
-
I wrote a parody of Sound of Silence based on the struggles of cleaning up people's shit in the shop
============
Hello problems, my old friends
I've come to talk with you again
Because a driver softly creeping
Left its seeds while RAM was leaking
And the vision that was planted in my brain
Still remains
Within the sound of crashing
In restless dreams I walked alone
Narrow bands of networking
'Neath the halo of a burned-out fan
I turned my collar to the hot and spinning
When my eyes were stabbed by the flash of an LED light
That split the night
And touched the sound of crashing
And in the naked light I saw
Ten thousand tasks, maybe more
Programs malloc with no swap
Programs writing with no space
Programs writing bits that voices never play
And no one dared
Disturb the sound of crashing
"Fools, " said I, "You do not know
Malware, like a plague, it grows
Hear my words that I might teach you
Take my tools that I might help you"
But my words, like silent raindrops fell
And echoed in the wells, of crashing
And the programs bowed and prayed
To the malware god they made
And Windows flashed out its warning
In the words that it was forming
And Windows said, "The words of the prophets are written in the event log
And dumped over COM"
And whispered in the sounds of crashing2 -
Windows is starting to get really annoying. Of course, I've disabled all sorts of unnecessary messages in Windows and enabled "fokusstöd" (whatever that translates into in English), and yet I receive this annoying ad, distracting me from my work! Who gives a fuck about Xbox or whatever they are trying to sell!?
11 -
Can somebody explain to me why the fuck creating apps on windows sucks so much ASS!!!! Not only the Electron app that I'm creating is a complete MESS, but on top of that, you need it EV signed, or it will be detected as malware. The fucking Digicert people charge $664/year for it!!!! I only wanted to do a stupid productivity app, and It was going to be free, now I don’t know what to do with it. FUCK11
-
Malwares are nasty applications, that can spy on you, use your computer as an attacker or encrypt your files and hold them on ransom.
The reason that malware exists, is because how the file system works. On Windows, everything can access everything. Of course, there are security measures, like needing administrator permissions to edit/delete a file, but they are exploitable.
If the malware is not using an exploit, nothing is there to stop a user from unknowingly clicking the yes button, when an application requests admin rights.
If we want to stop viruses, in the first place, we need to create a new file-sharing system.
Imagine, that every app has a partition, and only that app can access it.
Currently, when you download a Word document, you would go ahead, start up Word, go into the Downloads folder and open the file.
In the new file-sharing system, you would need to click "Send file to Word" in your browser, and the browser would create a copy of the file in a transfer-partition. Then, it would signal to Word, saying "Hey! Here's a file that I sent to you, copy it to your partition please!". After that, Word just copies the file to its own partition, signals "Ok! I'm done!", and then the browser deletes the file from the shared partition.
A little change in the interface, but a huge change in security.
The permission system would be a better UAC. The best way I can describe it is when you install an app on Android. It shows what permission the app wants, and you could choose to install it, or not to.
Replace "install" with "grant" and that's what I imagined.
Of course, there would be blacklisted permissions, that only kernel-level processes have access to, like accessing all of the partitions, modifying applications, etc.
What do you think?7 -
Does anyone know of any tools for deobfuscating a batch script?
I got one of those scam emails with a .doc file attached and wanted to pull it apart, embedded in that file is a VBA script that runs as soon as the document is open. I have figured out how the script works I just have no idea when it comes to the batch script that its running, any help would be appreciated.
heres a pastebin link with the script, https://pastebin.com/SDWnQc4811 -
There's two types of people in this world, those who don't like regex, and magical otherworldly beings, luckily for me, I'm the latter
-
In college doing A2’s, working solo. Building a companion app for Trivial Pursuit bet you know it edition. Laptop got hit by virus/malware, stopped me from copying files, lost 2/3’s of my project 3 days before submission.3
-
A customer specialising in identification and security solutions called today, claiming "they" found malware on their website. Then they provided a weird link to some shady malware scanner, and the "malware" turned to be a <noscript> tag which adds ?noscript to the page url, so we can serve no-JS optimised content. As a bonus, the scanner only detected it on two URLs, even though every single page on the site contains that same line of code.
Joke's on them, have fun paying for priority support outside of the business hours for nothing.1 -
That moment you start your experiment environment and suddenly have 5 windowses on two linux machines.
This somehow feels so wrong. Like having malware on my maschines 😲
I think I gonna hang myself.3 -
FUCK you "WP iThemes Security Pro".
First of all, your FUCKing services isn't really secure, more like security by obscurity.
Don't get me started on how you probably don't have a dedicated team of security experts.
But oh well, the customer insisted I must install you, despite my advise.
Second of all, Don't FUCKing send me emails regarding "Scheduled malware scan failed" without it containing the FUCKing error message, not some generic "http_request_failed" error, why did it FUCKing fail?
Last but not least: Don't FUCKing clutter is with with your giant ass logo that takes up half my screen or FUCKing spam such as your upcoming events, newly published books/articles, incorrect "documentation"2 -
Viva Insights is the worst malware from Microsoft so far. Spent a good two hours finding out how to get rid of events called "Tid för fokusering" (time for focus) that kept popping up in the Outlook Calendar, just to find out that you don't configure that shit in Outlook anymore, but in Teams. Go figure.3
-
So my endpoint management has started flagging up tiktok as containing malware, specifically hiddad.b can anyone confirm this? Anyone got a decent antivirus on their android ?3
-
Time it took me to write REST API and DB objects = 20 mins
Time it took me to to write a shitty Python 15-line script that parses a text file with regex's = 2 hours after I asked Stackoverflow
Don't even know what to say.4 -
I'm on the verge of breaking this shit Windows based work laptop (Dell, so called i5, yes it's outdated but still) with idk what.
15 and a half mins since bootup and I've not been able to access Microsoft Outlook.6 -
Prevention from malware is a lot like prevention from burglars...
As long as you don't have windows, you're good to go!3 -
So I google for a dll editor, and download the first result, don't scan it because I'm tired, and next thing I know I have 370 unwanted items on my laptop. Why is the first result on google an adware dropper...7
-
got a new laptop today. corporate, so hey, there's your Win11.
i still recall how i could not believe what crap they released when i saw Vista for the first time. the tranisiton from 7 to 10 wasn't pleasant but ok.
but the switch from 10 to 11? WTF. half a setting is gone and i can only be lucky it's 2 years past release so some stuff that was missing is re-implemented back. some stuff can be fixed with 3rd party tools but hey - it can also be loaded with malware so no-go in work environment.
can't wait for what pile of horseshit is the 12 going to be with their "Ai bUilT iNTo OpERaTIng sYSem"11 -
Thank you Google, for updating Chrome on my phone without notice in spite of me explicitly disabling automatic updates and me 'not having enough storage space left' for manual updates. It's nice to see you caring about the user so much.
Now if you sucked my dick while you were at it, that would be great.3 -
For those of you who want something comparable to the full Dark themes people have used on Linux for years here's a high contrast windows theme that doesn't look like garbage. I'm absolutely in love with it and will never go back. It's my favorite theme since the Windows classic theme. Also it's just a theme profile, so no worries about modding files or installing some malware infested theme manager.
https://eversins.deviantart.com/art... -
Was checking what my coworker was up to. He was given a computer to fix by another coworker and the PC belonged to his child.
”Oh I just uninstalled Steam. It’s a bad software with loads of viruses that slow down your computer!”3 -
Friendly reminder to trim your services list with msconfig if using Windows. Services that are STOPPED are not DISABLED, and they can be brought back up when just stopped, sometimes remotely.
(This reduces chances of being bitten by malware that uses the Fax service or similar, as there are a few that have in past used often-unused services to propagate. It also reclaims a small bit of memory, and the more real memory you have, the less you page out when compiling or similar, which is slow as fuck.)
also for the love of god stop using RDP and use something that's more penetration-proof than a paper plate...11 -
Ok... so I have a unique question/opportunity. I can't give all the details but here's the jist:
3yrs ago I was hired to consult a now prominent(still decently well known then) web-based company with many thousands of users, dealing with a lot of money and leveraging a social environment. They had several issues but initially they really needed me to find/train chat mods.
I did not take the offer for monetary reasons, like all consulting I've done, I had additional reason and/or fondness to fix the issues. In this case it was an interesting challenge and I knew several customers and some support staff so it'd be worthwhile.
They (without request) reduced their typical 2mo probationary period to 2wk for me. With less than a day left of that period, I was 'hacked' via a pushed telegram update, on the account they made me create for work purposes (they had control of the phone number not me).
During this 'hack' one of the 2, currently active, culprits sent a message to his tg account from the 'hacked' one and quickly deleted the entire convo. The other pretended (poorly) to be me in the chat with the mods in training (at least a few directly witnessed this and provided commentary).
Suddenly, I was fired without any rationale or even a direct, non-culprit, saying anything to me.
The 'hack' also included some very legit, and very ignorantly used, Ukrainian malware.
This 'hack' was only to a 2nd gen lenovo yoga I got due to being a certified refurbisher... just used for small bs like this chat mod/etc job. I even opened up my network, made honey pots, etc., waiting for something more interesting... nope not even an attempt at the static ip.
I started a screen recording program shortly after this crap started (unfortunately after the message sent be 'me' to the dude who actually sent it happened... so i still dont know the contents).
I figured I'd wait it out until i was bored enough or the lead culprit was at a pinnacle to fall from...
The evidence is overwhelming. This moron had no clue what he was doing (rich af by birth type)... as this malware literally created an unhidden log file, including his info down to the MAC id of his MacBook... on my desktop in real time (no, not joking... that stupid)
Here's my quandary... Due to the somewhat adjacent nature of part of our soon to be public start-up... as i dont want it to turn into some coat tail for our tech to ride on for popularity... it's now or never.
Currently im thinking, aside from any revenge-esq scheme, it'd be somewhat socially irresponsible to not out him to his fellow investors and/or the organisation that is growing with him as one of few at the forefront... ironically all about trust/safety/verification of admins in the industry.
I tried to reach out to him and request a call... he's still just as immature. Spent hours essentially spamming me while claiming it wasnt him but hed help me find whoever it was... and several other failed attempts to know what i had. When i confirmed he wasnt going to attempt a call, i informed him id likey mute him because i don't have time for back and forth bs. True to form he deleted the chat (i recorded it but its of no value).
So... any thoughts?7 -
Best part of being a dev?
Fixing everyone's printer, malware, and Windows update issues. Love that!4 -
Why does Bitdefender always have to delete my shit? I just want to compile some code!
link.exe? Defenetly malware, I should delete it for the 20th time! You want to run some unittests? No, that's malware, better block this too.10 -
There were two of them, not sure which was completed first. One was malware, the second one -- admin tool.
These were the early XP days
1. A batch [windows] script to ease system users' mgmt. Nothing fancy, just multiple calls to usercontrol. My dad needed it for work, and there, it was born. To extend further I made it into an exe file w/ some icon. I felt very proud of it :)
2. I have already told a story of this one at dR. Anyway, it was also a batch script. Except that it was more advanced. Basicaly it was a trojan. Once executed it discovered all that computer's ip addresses and uploaded them to an ftp. Then - pulled a headless radmin installation and initiated a silent install of radmin server. Added radmin server's executable to autolaunch list so that it would come up after reboots. Once done - uploaded SUCCESS status to my ftp. And then all I had left to do - pick an ip from my ftp and enter it into radmin client's CONNECT window. I had a full controll of over a dozen of pcs2 -
People keep telling me that fullstack/web/mobile isn't real programming, and only "heavy" stuff like OS/Performence/libraries & SDK/Malware is "real".
I think they are just assholes. But these stuff are cooler than building a CRUD app.
What do you think?2 -
I remember that my granddad and I built a computer with old crappy hardware that we disassembled from other computers.
I mostly used it for playing games like Age of Empires or Rollercoaster Tycoon.
I really don't remember a lot about but I remember I also had internet. Never got any Malware tho haha.
Then sometime my friend came over and he showed me a website named "Scratch". We made a lot of crappy games and a cat that farts when you press a button.
So yeah I instantly fell in love and did a lot of "Scratch"-ing with my brother.
That's was the time I found my love for programming.
I think about 2 years later I got a MacBook (the old from my father) and finally started with real programming!
Now, after 6 years I have an awesome little ZenBook and am programming everyday.
Love it! -
This weekend I've installed a virtual box with Linux over windows on my mother in law. Now, she is using it and I hope to not have to fix again her computer against malware!! PS: I think she is enjoying Linux. I gave her some homeworks. Only update and upgrade 😂1
-
Low-end smartphones sold to Americans with low-income via a government-subsidized program contain unremovable malware, security firm Malware bytes said in a report.
According to the report of ZdNet: The smartphone model is Unimax (UMX) U686CL, a low-end Android-based smartphone made in China and sold by Assurance Wireless. The telco sells cell phones part of a government program that subsidizes phone service for low-income Americans. "In late 2019, we saw several complaints in our support system from users with a government-issued phone reporting that some of its pre-installed apps were malicious," Malwarebytes said in a report. The company said it purchased a UMX U686CL smartphone and analyzed it to confirm the reports it was receiving.7 -
Sporadic news, now that I have a decent chunk:
AMD's stock price closes higher than Intel's (https://marketwatch.com/story/...)
a Mega Man live-action film is in the works (https://rockman-corner.com/2020/07/...)
T-Mobile will require all devices to have LTE (https://androidpolice.com/2020/07/...)
Patch any ASUS routers you have (https://nakedsecurity.sophos.com/20...)
Emotet is being fucked with (https://zdnet.com/article/...)
Garmin devices are being fucked (https://cnn.com/cnn/2020/...)
Bitcoin is now officially a currency (https://news.bloomberglaw.com/us-la...)
Sonic Movie 2 is comig in 2022 (https://cbr.com/sonic-the-hedgehog-...)
ARM may be totally controlled by Nvidia soon (https://arstechnica.com/gadgets/...)
and the Republican Party is trying to ban the Democrats (either the name or wholly) because racism. (https://foxnews.com/politics/...)3 -
Fuck the ISP and the incompetent retarded developers in the government!
The retarded ISP is injecting malware ads on all web pages which means if you access a non HTTPS site, you're gonna get fucked.
And the retarded government site still do not have HTTPS version for the websites!
The biggest irony is that this particular government site is for developers to register for courses ( paid ) about latest technologies.1 -
Whelp, I made the switch to android about a week ago. Didn't go two days without getting malware on it. I only browse hacker news and used devRant, standard messaging app, no root, so no shady things, just fairly standard things besides devRant. When I called Samsung support, they said it was a known issue and sent me some links to some forums where people were having the same issues. After digging through those threads, there was an official answer from Samsung saying they weren't going to fix the issue (at least in any foreseeable future). That's unacceptable for a phone that was released less than a year ago.
I'm done with Samsung phones for good. I might come back to Android on a google phone.
I hate how Android is distributed and the manufacturers don't take ownership of their issues. They just work on the new phone without caring for anything older than 6 months. If I had to get a new phone every time a major security issue was found and the company refused to fix it, I'd spend more money than on an iPhone.
It seems like Google keeps their devices up to date better, presumably because they have better control of OS releases. But non-google Android devices are dead to me.
Back to my iPhone for now...
🎵sad Charlie Brown music🎵9 -
I love this TV series it crowd jen was found but it's real why we have an it managers that not now nothing even about computer 🖥 by the way the meme it's when jen computer it's infected whit malware I live every day whit that user likes his computer at its it.
9 -
It's been barely a day since I got windows back and I'm furious about all these malware. Should have stuck with fedora8
-
Is there an AI that generates malware already?
No sarcasm, I really wonder it there is already a model that finds exploits and makes rootkits or something.
It could make red teams obsolete.4 -
My current task involves processing the commoncrawl web archive, and it's like a box of junk you buy at a flea market. You find so much useless stuff, broken stuff, stuff that makes you question people...
My latest find makes me wonder what lies out there if what I found was in plain sight. I found tens of thousands of websites that look like someone used markov chains to generate pron ads. Those websites exist in 10+ languages, use the same url-scheme, read like a dyslexic camgirl reading alphabet soup and are hosted on the same three ip-adresses. There is no javascript involved and some pages link to a variety of twitter accounts.
I queried a few commoncrawl files and amassed 4GB of this spam. Every time I look at it it gets weirder. There is an italian article about malware in there too.
Here's a text sample:
"Not from her bedroom, she her stream view and meet new experience. In hd india, because swimsuit still laws exist no interaction or frigthened and."1 -
Tody I finally decided to go Google free in my device. Now I have 0 Google services in my phone and so far I'm loving it.
All apks can be found on apkmirror and f-droid but devRant is not available on any of those platforms so I have to restore my previous backed up apk from playstore.
Yeah and I'm not on any socialmedia whatsoever like FaceCrap and InstaHeadache. Feels like my phone would last for 2 days on single charge.2 -
My PC is now a malware battle ground.
Virus on my PC self running a page on chrome every 30 minutes telling me to remove other viruses. I really can't wait to see what the other viruses have to say about this one (horux.cz). 🍿
1 -
I have no idea why and how people get adware/malware/spyware/viruses, ransomware, and the like on Windows machines. I've been using Windows since I was a small child and on the machines I've used (mainly my older brother's), automatic updates were always off. I only had a virus issue once because I was small didn't know what I was doing at the time, but that was easily fixed by my brother.
Bottom line: Fuck Windows and all the drivers it broke that one time I decided to enable updates
P.S. I started using Linux a few years ago, and it's been pretty wonderful! I've used dozens of different distros, but I still can't get away from Windows because games, certain programs, and compatibility issues (like some drivers and devices not properly working in Linux), so oh well6 -
Hello everyone!
Since this is such a cool community with so many app devs, I though it would be cool to share with you all a project the company I work with its currently developing.
The name is appcoins, and it's a blockchain project that aims to solve 3 big problems that devs, users, Appstores and oems face everyday in the current apps ecosystem:
- the advertising: create a trustworthy advertise system for your apps, where you can actually invest money that will be spent on users that will use your apps; currently is a system where everyone is trying to fool everyone.
- Malware and Adware detection: create a system powered by the community to rank dev's apps, using a reputation system, and dispute by bidding. currently it's an unscalable system, with many detection flaws.
- In app billing (aka IAB): offer a new and easy way for users to buy cool things in your app, even if they don't have access to a credit card or other payment methods. Users will be rewarded by trying out your cool apps. Also opens the door for payments with crypto currencies in AppStores.
This is just a quick overall idea of the all project. If you're interested, checkout the website https://appcoins.io/
If you've any question or suggestion, let me know and I'll try to answer as best as I can, or redirect to my devRant coworkers.
Any feedback you may have, feel free to share it! This system is designed for us all devs, so your input is really appreciated.
Thank you all, and sorry for the long post. -
It's finally annoyed me enough, I gotta ask...
Am I the only one getting annoyed at procedurals (the shows about crimes) and their accuracy irl, at least when it comes to timelines and alibis that are deemed as 100% uneditable fact... based on metadata and system log files???
Or is this another case of me assuming other humans must realise things i see as simple, should be common, sense?
If it's the latter... ANY system can be modded, timestamps have sooooo many ways of being altered from multiple angles, a few lines of code in an apk file on a dev mode device can make your gps show as anywhere in the world...
even a basic early 2000s runescape bot creator should know the basic methodology of this... and even OS-innate output of event logs can be set up to effortlessly mod themselves to selectively delete or rewrite upon the system's command to show them.
For anyone thinking im FoS/this isnt a simple concept of reality... or simply never considered the reality of how much less work it'd be to just commit whatever crime that high intellect people plan meticulously for years, often still getting caught... including via their own, or easily hacked timestamps/lack of alibi...
Wanna blow your mind?
...
If you remove all hdds/ssds and even all RAM, any external devices of any kind, cut off all networking, then put brand new, all 0s, storage and RAM in... then only connect directly to a totally direct connection to WAN (aka the internet via ISP... and your ISP has no malware etc)...
Without browsing anything, and a totally fresh, safe, OS newly installed to 0'd new ROM... no one actively finding/targeting you...
Can you already be infected with spyware/viruses/malware/etc?
YUP!
how? Someone who knows what dev u use and concise coding and drivers in binary... they rewrite your bios to turn on basic components, no fans/lights/etc... bios has the clock, u can be asleep, see/hear nothing while bios boots up totally dark, runs a cimmand to pull all the malware to u... youd be oblivious13 -
Bitcoin malwares are everywhere.
The hard part is doing reverse engineering and wondering why its feeding on only top of the stack in assembly
Edit: Using IDA Pro -
Someone asked me if i know a way to hack Facebook profile. Instead I want to give them a malware or virus. Anyone can help me get a good virus which disguise as a FB hacking app? Thanks6
-
Well, I'm kind of hyped about autonomous cars and there are a bunch of advances right now. But how do you protect such technology? It's not like my pc will explode or hit shit (with me tied to it) if I get some malware on it.
Do you have any idea on how people are mitigating this?8 -
And that feeling when you google your error message and get 3 hits, none exact, 2 of them in Chinese and one automated malware scan results.
It really makes me feel that I'm pushing the industry forward. -
Spent two days setting up software remotely through windows rdp through teamviewer several hundred miles away. Today found a malware replacing some exe causing web app to fail. Local partner seems to be blaming us.
-
Just because you happen to work with computers a lot everyone that's friends with your mother expects you to fix their malware machine for free and then get indignant when you tell them they where they probably got the virus and how to avoid it.
-
My pyinstaller app got flagged as malware... Now I'll have to make a self extracting python launcher in C# to get the project forwards...3
-
A friend sent me a link to a torrent of a documentary. Because of the memory I have of Napster days and my fear of being that one guy that gets caught, plus the constant specter of malware, I've never been brave enough to use torrent links and software, so I've never looked into it. Is it safe these days? How do I do this and what do you all recommend for getting at the content safely?6
-
Microsoft ends support for Windows 7
Support for Windows 7 ended this week which means that security or software updates will no longer be provided by Microsoft.
Windows 7 will continue to run however it will be more vulnerable to viruses and malware. The best way to remain secure is to use the latest operating system available.
Microsoft have a dedicated webpage for user questions, next steps and detailed advice. 👇
https://microsoft.com/en-gb/...1 -
Another day, another malware. Also inviting you to my twitter again lol.
https://twitter.com/SariBezliGurme/...
I wonder what it takes to get a special contact from Cloudflare or Fortiguard to report these things faster :3 -
Some skidmark was sucking some shitty malware's dick and I put his ass on blast.
https://imgur.com/a/EBPCf7f
(seriously tho "mrsmajor" is shitty malware)4 -
Microsoft announced a new security feature for the Windows operating system.
According to a report of ZDNet: Named "Hardware-Enforced Stack Protection", which allows applications to use the local CPU hardware to protect their code while running inside the CPU's memory. As the name says, it's primary role is to protect the memory-stack (where an app's code is stored during execution).
"Hardware-Enforced Stack Protection" works by enforcing strict management of the memory stack through the use of a combination between modern CPU hardware and Shadow Stacks (refers to a copies of a program's intended execution).
The new "Hardware-Enforced Stack Protection" feature plans to use the hardware-based security features in modern CPUs to keep a copy of the app's shadow stack (intended code execution flow) in a hardware-secured environment.
Microsoft says that this will prevent malware from hijacking an app's code by exploiting common memory bugs such as stack buffer overflows, dangling pointers, or uninitialized variables which could allow attackers to hijack an app's normal code execution flow. Any modifications that don't match the shadow stacks are ignored, effectively shutting down any exploit attempts.4 -
It gets flagged as "Android/SpyAgent", i guess they are not wrong hahaha
https://r2.community.samsung.com/t5... -
I know this question sounds dumb but when i google 50% say no and 50% say yes. So my question is, can i spread (a Fileless) Malware with cookies?5
-
What are your opinions on antivirus programs?
I've just recently looked a bit deeper into it and it's scary how useless they've become... Especially signature based ones, as 82% of all malware only gets used once before they get changed again and 70% of them are only active for >1h.
Also, if you're able to google and have a slow sunday, you can easily write your own virus that won't be recognized by AV. It won't be a devilish masterpiece, but it'll work.
Do you think AV (especially paid ones) have a future?2 -
Anyone have any recommendations on an open source security/malware scanner to run at server level for the OS and web server files on Linux?2
-
Twitter disclosed a bug on its platform that impacted users who accessed their platform using Firefox browsers.
According to the report of ZDNet: Twitter stored private files inside the Firefox browser's cache (a folder where websites store information and files temporarily). Twitter said that once users left their platform or logged off, the files would remain in the browser cache, allowing anyone to retrieve it. The company is now warning users who share systems or used a public computer that some of their private files may still be present in the Firefox cache. Malware could be used to scrape and steal this data.2 -
My browser claims it's unsafe to visit a website via HTTP, even if it's only to view and read. But it's fine to open any crapsite as long as it's via HTTPS and not on a malware blocklist?2
-
Tips for optimizing Windows performance on old PC. The following is what i got, please add things to the list.
- Defragment the harddisk
- Clear some space on the harddisk
- Reduce amount of unnecessary programs running in the background
- Check for malware/virus and remove them18 -
Jiff files have begun encroaching on my charmed life. I keep forgetting to search for an online converter and have done with it. I thought I'd hit upon one and I remembered to go to my search engine of choice and key in, "XXX malware." I learnt to do this years ago with my Mac, and I'm happy to say I've only slipped once or twice. Anyway, it's great to apply what I've learned instead of noticing weird things happening with my screen. Happy Independence Day from The Colonies,5
-
Ok ok ok. I see y'all have nice plans for the new year. Some of you even made a list that will be barely completed or remain unchecked.
Let me tell you my real issues/plans for 2020.
- First things first, I have to update the documentation of the projects that I maintain. Especially the copyright information. (2019 -> 2020)
- I have to check if any of the old software that I use is broken because of the year/date bugs. (you know, that happens)
- And finally I should check my Windows PC. If it's still OK than it means that no malware/virus is activated with a year payload. (it happens too, watch @danooct1 on YT)
Hope it helps someone.1 -
Security experts have discovered hundreds of fake websites which are being used to spread dangerous malware for Android and Windows devices. A "vast" network of over 200 internet pages, which impersonate 27 brands such as household names like TikTok, PayPal and Snapchat, are being used to spread a vicious bug which can empty out bank accounts. These bogus websites feature the notorious ERMAC banking trojan which is capable of stealing sensitive login details for 467 online banking and cryptocurrency apps.6
-
How did you get the people from Info Security and Compliance on board this continuous delivery thing ?
I am being asked to run antivirus scans on my own code and binaries as part of build.
Is this common practice? Am I missing something?
I am going to deploy stuff on Azure PaaS. I can understand having malware scan agent on azure VMs scanning the infra, but this?4 -
I don't live in a vacuum. I need to open an occasional Adobe bs format file (Illustrator, Premiere, After Effects, Photoshop). An occasional MS Office file too (Access, Word, Excel, PowerPoint). And don't tell me LibreOffice supports .docx. It doesn't support edits suggestion mode well enough. I needed AutoCAD for a period of time.
Desktop Linux people, what do you want me to do? Go to devRant and post “windows bad” rant? Go cry on Reddit?
I too think Windows is evil and 11 is essentially malware, but when I suddenly need those things done yesterday, and my livelihood depends on that, I have no choice.
(this is part 2 of this rant: https://devrant.com/rants/10703825/...)13 -
!rant
Need help!
I accidentally installed a malware on systrm some chinese software now appears with devices with this pc. And i am able to boot upto windows home screen. When services are starting my oc shows BSOD page fault. I ran diagnostic tools it showed 2100 error in hd 0. Can anyone help. I need to recover imp files from OS drive :(10 -
trying to figure out why this folder is allowing restricted files formats to run, and finding nothing but 'It's a windows folder' what the hell internet DX my school runs windows and it's in that directory children aren't allowed to mess with, of course it's a damn windows folder, but how can I stop them from running viruses accidentally in that folder without causing windows to stop working
Back to god damn research
Thank you for your time -
someone gets in my Discord server, asks "can anyone download a file for me? DM me" in the bot trap, and leaves.
Is it worth the effort of trying to track this guy down so I can get new malware or is it not worth the risk of CP?4 -
looking at more DOS malware. 12 samples in this set of 80 (out of 16 looked at) read the time then overwrite the registers 5 or 6 lines later. The other 4 don't even bother.5
-
I was thinking about linux and it's security.
Many are sayin that do not require an antivirus. BUT
What if you install wine (3.0) .
And after that install a software (.exe) that contains malware. What about that!
I was thinking today, it would get inffected?2 -
Lol. Another day, another (or just the usual) big tech company just takes us from behind.
This time? Oh Google is just spamming me because they "found malware" on a tracking code. There's nothing. Except competition.
They had to email me about every "malware" in EVERY fucking workspace version. In random order, eventually effecting the live version. Thanks. I really needed those 30 emails to know. -
Malwarebytes has become the best anti malware program of the world in a short time period. With Malwarebytes inside, user knows his computer is safe and secure at all times. More infoemation visit our site https://assistanceforall.com/servic...
1 -
SambaCry: This Linux Malware Is Turning Machines Into CryptoCurrency Miners
https://fossbytes.com/sambacry-malw... -
Solitaire on windows 98 then got windows millenium toshiba laptop, installed diablo 2 and my dad gone nuts because of 8gb hard drive so he havent got any more space for porn xD, then i installed some dialer malware and got fcked up for about 400 bucks meh
-
I threw some random android adware i found into a virtual device on my laptop (while swapping like a motherfucker, ofc) and it turns out, aside from the Draw over Other Apps, Install Apps, Location, and Storage permissions, and the blank name/icon, it's an honest-to-God working global ad blocker via VPN. It's shipping your traffic to China and filling your device full of more malware, but it's blocking ads too, so...? Is it worth gutting to remove the bullshit? (Can Android Studio do that?)5
-
I love the fact that Windows Malware Protection is wasting up all my CPU and I cannot open the freaking task manager or terminal.1
-
I use a Windows 10 OS and the browser popup sometime (not always so it hard to debug) when I open my computer.
Does the browser goes to other website?No the browser just show default page.
Is it a malware?I always keep my update AV so I am not sure.13 -
I want to share my experience with Digital Tech Guard Recovery, which turned out to be a beacon of hope during a very dark time. I had $770,000 in Bitcoin stored in a wallet that suddenly became inaccessible due to a software corruption issue. This was not just a digital asset but a significant part of my financial future. The nightmare began when I unknowingly downloaded unverified software that turned out to be malicious. The malware not only corrupted my system but also led to a critical issue with my Bitcoin wallet. I had also changed the wallet encryption as a precaution, which made the situation even more complex. My attempts to use various recovery tools were futile, leaving me feeling utterly helpless and overwhelmed. The emotional roller coaster I went through was intense. Initially, I was in denial, thinking that maybe there was a simple fix I had overlooked. As time passed and my attempts continued to fail, despair began to set in. I felt like my hard-earned money was slipping away, and the thought of losing $770,000 was unbearable. Desperate for a solution, I reached out to Digital Tech Guard Recovery after reading some positive reviews. From the moment I contacted them, I was struck by their professionalism and empathy. They understood the gravity of my situation and were transparent about the challenges they would face. Their team was quick to assess the problem and began working on recovering my wallet immediately.
-
VidMate Apk 2022-digiliife
VidMate Apk 2022 is 100% SAFE, with its security verify by multiple virus & malware detection engines. You can also scan every update through these platforms, and enjoy VidMate with no worry! But we use a more enhance and outstanding connectivity. VidMate Apk 2022 knows better your interests and hobbies according to your profile or historical behaviors, and then personalizes your own playlist.
Top Tags
Weekly Rant
View