Malware warning
- Thread starter Bugsy
- Start date
Just an update I disputed the $700 transfer to Robinhood with my bank. They didn't lose any money and in fact I got on and sold the stocks with a $10 profit I didn't care about. Provided documentation of computer repair shop and emails to Robinhood prior to the stock purchases. Robinhood has no human contact and were extremely slow in replying with canned emails with no sound of any caring about the incident in any true customer representation. I kind of felt like they would try to just sit on my money for who knows how long if I let them conduct their "investigation" in their time frame. My bank had the money back in my bank account in 3 days from the time I filed the dispute and have unlinked that bank account. About to go look for a way to delete that Robinhood account entirely. I'm amazed anyone would utilize their brokerage services with such shit customer service or response.
Dude you spoke in Yoda wordsHmnn, untrusted user then it was, the one who uploaded the file (?)
Noneless, hiden well
Been there buddy, such a maddening and paranoid feeling.
My story: Years prior I had set up my wife’s MacAir to be able to access our NAS b/c her drive was full. At some point she happened upon some malware despite using a Mac (assuming it was the fake Adobe Installer I found on her MacAir but who knows). Eventually our NAS became compromised with a persisted exploit that created a clandestine JVM for a backdoor RAT. Not only does our NAS store TBs of our most sensitive data, but it also sits at the most guarded center of our network with unfettered access to everything. Months pass and I am none the wiser, maybe our data was stolen maybe not. Suddenly one evening I get a very urgent email from EC2-Abuse (at) amazon.com informing me that I have a compromised EMR cluster in my AWS account that performing a massive DDoS against someone. Sure enough that was the case, my personal computer (MacBook Pro) had logged into the AWS cmd terminal and initiated a EMR cluster of largest size and was sending ~700 GBs/sec of trash at some poor system—costing me ~$500 in less than 15 minutes. After shutting down the cluster, changing my password, and resetting the router, I got another email from EC2-Abuse about 20 minutes later—it had happened again. Ended up ripping apart my AWS account, factory resetting my router, restoring all 5 macs at our house, and shutting off all power to our ~50 IoT smart home gadgets to be safe. But it happened a third time the next morning. Then I purchased top of the line (at the time) UniFi security gateway with a remote cloud key. I was able to see more details about traffic than previously with wireshark or tcpdump although was still obfuscated. Skipping even more craziness as I’m on mobile and this too long already, eventually an Apple update fixed all of our Macs and prevented them from being susceptible to sudden hijack, NAS drives were wiped and OS restored, all macs restored, etc. This was the only time I ever shorted AAPL as I thought ‘this is a big deal’, but in reality it was quietly fixed behind the scenes and many of those affected were likely unaware. Reminds me of the scene in Men In Black where Tommy Lee Jones tells Will Smith that the earth is always on the brink of destruction but the only way people carry on with their lives is that they do not know about it.
My Advice: Assume no privacy. Use end to end encryption if data is sensitive. 2FA always, even 3FA with a Yubikey. Password manager for everything. Update software always. Quality home network equipment—make sure to segment the shit out of your network to isolate your computer/NAS/workstation from those 20$ smart switches/outlets/bulbs/etc that were made in China and rushed to market without any thought for security. Finally, if your system ever does get compromised, don’t try to solve the mystery and surgically resolve—simply nuke everything from space, and then move on with your life.
My story: Years prior I had set up my wife’s MacAir to be able to access our NAS b/c her drive was full. At some point she happened upon some malware despite using a Mac (assuming it was the fake Adobe Installer I found on her MacAir but who knows). Eventually our NAS became compromised with a persisted exploit that created a clandestine JVM for a backdoor RAT. Not only does our NAS store TBs of our most sensitive data, but it also sits at the most guarded center of our network with unfettered access to everything. Months pass and I am none the wiser, maybe our data was stolen maybe not. Suddenly one evening I get a very urgent email from EC2-Abuse (at) amazon.com informing me that I have a compromised EMR cluster in my AWS account that performing a massive DDoS against someone. Sure enough that was the case, my personal computer (MacBook Pro) had logged into the AWS cmd terminal and initiated a EMR cluster of largest size and was sending ~700 GBs/sec of trash at some poor system—costing me ~$500 in less than 15 minutes. After shutting down the cluster, changing my password, and resetting the router, I got another email from EC2-Abuse about 20 minutes later—it had happened again. Ended up ripping apart my AWS account, factory resetting my router, restoring all 5 macs at our house, and shutting off all power to our ~50 IoT smart home gadgets to be safe. But it happened a third time the next morning. Then I purchased top of the line (at the time) UniFi security gateway with a remote cloud key. I was able to see more details about traffic than previously with wireshark or tcpdump although was still obfuscated. Skipping even more craziness as I’m on mobile and this too long already, eventually an Apple update fixed all of our Macs and prevented them from being susceptible to sudden hijack, NAS drives were wiped and OS restored, all macs restored, etc. This was the only time I ever shorted AAPL as I thought ‘this is a big deal’, but in reality it was quietly fixed behind the scenes and many of those affected were likely unaware. Reminds me of the scene in Men In Black where Tommy Lee Jones tells Will Smith that the earth is always on the brink of destruction but the only way people carry on with their lives is that they do not know about it.
My Advice: Assume no privacy. Use end to end encryption if data is sensitive. 2FA always, even 3FA with a Yubikey. Password manager for everything. Update software always. Quality home network equipment—make sure to segment the shit out of your network to isolate your computer/NAS/workstation from those 20$ smart switches/outlets/bulbs/etc that were made in China and rushed to market without any thought for security. Finally, if your system ever does get compromised, don’t try to solve the mystery and surgically resolve—simply nuke everything from space, and then move on with your life.
Last edited:
Technologies nowadays are cheap. get one laptop for your banking, trading, and business emailing, and save everything to a thumb drive, not on the local drive.
then get another laptop for your web browsing, facebook, twitter,... save everything to another thumb drive.
then get another laptop for your web browsing, facebook, twitter,... save everything to another thumb drive.
Last month I caught a virus on my PC that corrupted a lot of files. But I managed to restore them with the help of Partition Recovery. After that, I back up my important files.
just because something is in print is not a reason to turn off your brain.