[Video] Ways to Infect your computer - Exploits (Not doing your updates)

Discussion in 'other security issues & news' started by warwagon1979, Jan 25, 2010.

Thread Status:
Not open for further replies.
  1. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    20
    For the past 6 years I have been self-employed running my own computer repair business. Like most of you, I come across malware, rogue, Trojans and all sorts of nasty stuff on customers' computers. They always tell me they have no idea how they became infected. They just turned on their computer one day and all of a sudden the infection was there. So I thought I would create some videos to help better inform them on ways they can become infected on the internet. Out of the 3 videos I created, this one is one of the more interesting and scary.

    This one deals with exploits. It shows just how easily you can become infected if you do not install your Windows updates or updates to Internet Explorer. It doesn't cover 3rd party vulnerabilities but the outcome would be the same.

    It is a 3 part video but the 1st part is by far the most interesting. Enjoy.

    Part 1 (how easy it is to infect with no updates)

    http://www.youtube.com/watch?v=TJpZlzBkiro

    Part 2 (What happens when you have all your updates)

    http://www.youtube.com/watch?v=0zcmD-RhQRc

    Part 3 (How well do AV's detect Exploits before they infect you)

    http://www.youtube.com/watch?v=duJksZnTK5o&feature=related

    For those of you who want to see the other 2 videos I made for my customers they can be found below

    #1 - Ways To Infect Your Computer - Fake Anti-viruses

    http://www.youtube.com/watch?v=JoRc7iGc4Io&feature=related

    #2 - Ways To Infect Your Computer - Running Executable files that appear out of nowhere

    http://www.youtube.com/watch?v=nHR_6zzbh_0
     
    Last edited: Jan 26, 2010
  2. nineine

    nineine Registered Member

    Joined:
    Sep 13, 2009
    Posts:
    140
    This is a great set of videos. Perfect for the average inexperienced user to get a little understanding of how to get infected and how to help prevent it.

    I noticed at the end of the third video you mentioned something about uploading the site/script to VirusTotal. Could you possibly elaborate on how one would do this?

    One last thing... Let's say Firefox had the same vulnerabilities/security holes that IE6 does. If a user used Firefox with the NoScript Extension to go to the websites in your videos, would NoScript prevent the system from getting infected?
     
  3. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    20
    I can't say for sure, but my guess would be yes. If it was exploiting you with a script anyway.
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    These videos need to be watched by some of the people on these forums who say "as long as you don't execute anything or fall for social engineering, you can browse the web at will without worrying about malware." Of course, most of us knew this was BS, but these videos serve as a good illustration as to why.

    The truth is, you can be pwned merely by visiting a website. Part of this is due to Windows and its default insecurity and part of it is people not knowing how to utilize privilege separation and other access controls that are built into Windows but not turned on by default. But that's another issue entirely.
     
  5. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Excellent videos. Thanks for taking the time to make them and post them up. Got a few people who I am going to send the links to and tell them it is mandatory to watch em.
     
  6. wat0114

    wat0114 Guest

    Nice videos but it looks like you're running as administrator - a cardinal sin, putting one behind the eight ball off the bat.
     
  7. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    I really like the fact that I can see and read everything in the videos. Most of the others I've seen are hard to read so you did a great job. I just wish I could force a couple people I know to watch the videos.

    The vids also prove that execution protection and isolating "risky" apps (sandboxing) are useful.
     
  8. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    I would imagine he did that purposely for demonstration purposes as most people do run as administrator. I think his basic premise was to get across the point the difference between patching and not patching....as we all know there are many out there that don't patch or update anything.
     
  9. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    The good quality of the vids was also the first part that I noticed too. I see he was using Sandboxie in some of the vids also. It would be really good if he could do a couple up showing the difference running with Admin rights and dropped rights.
     
  10. wat0114

    wat0114 Guest

    Doesn't mean running as admin makes it right or best practice. The push for running as LUA should be emphasized. It is the (one of the) underlying foundation for running a pc securely.

    Okay, understood, but the importance of running as LUA as opposed to Admin should merit equal importance at least.

    Even better if he shows the difference between running the account as LUA or Admin.
     
  11. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    20
    Yes. I did run as admin, because you are going to be hard pressed to find any average user who is not running as admin.

    As far as the quality of the videos goes, picture and audio quality is very important to me.

    I've watched far too many videos where the mic the person was using had so many hisses, scratches and pops and the audio so distorted, it was painful to listen to. As far as video quality, I've watched FAR too many videos where you could not make out a single piece of text on the screen. They were so blurry that your eyes burned after only a minute of watching it.

    So I'm glad you like the quality.
     
  12. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Baby steps now, wat0114!!!! LOL. Drop their jaws by letting them see how easy it is to get infected running full blown administrator and unpatched to boot first. I agree with you on LUA. Cheap, almost easy, and effective.

    Keep up the good work Warwagon.
     
  13. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    In the first vid why does the taskbar change to Win 7 then back to XP at 1.18 and is that a trojan fake alert sitting near the clock?

    Seems the machine may be already infected before going to that site?
     
  14. wat0114

    wat0114 Guest

    Whoaa! Good eyes Franklin :)

    I didn't see or hear mention of the perils of running as admin. The focus seems to be on running unpatched. The typical user I guarantee is not going to notice in the videos the Administrator account nor understand its consequences.
     
  15. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    20
    At 1:18 I went to Notepad on the host machine to copy the URL, this is when you saw my host machine's Windows 7 taskbar (You do realize I was inside VMware Workstation 7 with it full screen? I also had my desktop resolution set to 1280 by 720 so I could record the video in 720p). As far as the Trojan fake alert sitting near the clock, that's just Windows telling me I have no AV installed.
     
  16. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Hi warwagon, I really enjoy your video displaying the consequences of not updating. It's put forward clearly, and spoken by you clearly. Even a basic computer user could understand it.

    To summarize, it's gone into my collection of educational links for PC users. Thanks. :)
     
  17. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    OK fair enough, but you also use Sandboxie.

    So what happens if you use a full blown admin account and don't update but run IE through Sandboxie?

    Are you protected from the exploit?
     
  18. warwagon1979

    warwagon1979 Registered Member

    Joined:
    Nov 17, 2009
    Posts:
    20
    I think you should be. Oh noes, I should make another video :)
     