AvaStar – Infected Download

WARNING UPDATE: 2/9 – OK, the original post is not quite right. Original:

The AvaStar people (wrong – wasn’t reading closely enough) have posted a warning about recent downloads of AvaStar being infected with a Trojan or computer virus. They aren’t clear on what it was, just that it was a bad thing. See: AvaStar – infected download.

If you downloaded their version 2.3-2 update in the last 2 or 3 weeks… you are at risk. Get a new copy and replace it. Scan your computer… Type DEFENDER in the ‘Ask me anything’ or Search Windows field and run Windows Defender. Click Virus & threat protection. In place of a Quick Scan choose Custom Scan and point Defender to the place you keep your downloads.

Gaia commented below. Also, the original warning came from Casper Tech, not Machinimatrix. Also, the Casper Tech post has changed since I first read it.

Gaia and the Machinimatrix people seriously doubt the AvaStar code or package was infected.

Thinking about it, the programming code for Blender is Python. Blender add-ons, at least all those I have, are delivered as text files written in the Python language. So, the malicious code would have to be written in Python making it a specialized case, which is outside the normal pattern of malicious code for a web hack. So, I suspect Gaia and crew are right, the AvaStar programs and package were NOT compromised.

Doing some research this morning, I find that it is possible to embed malicious software in Blender files (.blend) and place executable code (.exe) in Python programs, but the Python has to call them and Windows intercepts the call and asks if it is OK to run it. Neither case is conducive to hackers. So, possible but unlikely.
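As an added illustration (not code from AvaStar, Casper Tech or this post), the sketch below audits an add-on zip for the two things the paragraph above describes: bundled executables and Python calls that would launch them. The extension list, the call list and the sample archive are assumptions constructed for the example.

```python
import ast
import io
import zipfile

# Assumed list: binary/script payloads a pure-Python add-on has no need to ship.
BINARY_EXTS = (".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1")
# Assumed list: calls that start another program or run dynamically built code.
LAUNCHERS = {"os.system", "os.popen", "os.startfile", "subprocess.run",
             "subprocess.Popen", "subprocess.call", "subprocess.check_output",
             "exec", "eval"}

def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return None

def audit_addon(zip_bytes):
    """Return sorted (path, line, finding) tuples for an add-on zip archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for name in archive.namelist():
            if name.lower().endswith(BINARY_EXTS):
                findings.append((name, 0, "bundled executable"))
            if not name.endswith(".py"):
                continue
            try:
                tree = ast.parse(archive.read(name), filename=name)
            except (SyntaxError, ValueError):
                findings.append((name, 0, "unparseable Python"))
                continue
            for node in ast.walk(tree):
                if isinstance(node, ast.Call) and dotted_name(node.func) in LAUNCHERS:
                    findings.append((name, node.lineno, dotted_name(node.func)))
    return sorted(findings)

def build_sample():
    """Constructed sample: one clean module, one that launches a bundled file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("sample_addon/__init__.py", "bl_info = {'name': 'Sample'}\n")
        z.writestr("sample_addon/util.py",
                   "import subprocess\n\ndef go():\n    subprocess.Popen(['helper.exe'])\n")
        z.writestr("sample_addon/bin/helper.exe", b"MZ constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    print(*audit_addon(build_sample()), sep="\n")
```

This is name-based triage: it misses aliased imports such as `from subprocess import Popen`, so an empty result narrows the search but does not prove an add-on is clean.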

However, Casper Tech is pointing out that the website hacks were sending people to a third-party site. They were attempting to inject malicious software into computers arriving at the site. But, a manual virus-scan of your computer will reveal any problem.

Worldwide Ransomware Attack

If you have paid attention to the news, you know the world is in a cyber war firefight running from Friday to today. No one is going to protect you. To make it worse, some are claiming anti-virus software is making it worse. Sheesh!

The First Evil

The current primary problem is older operating systems: Windows XP and Vista. Microsoft quit supporting those old systems. But many businesses have chosen not to update to newer systems. For some, like the healthcare industry and industrial manufacturing, their complex applications were dependent on features in the old operating systems. It was difficult and expensive to update.

Facebook and Cyber Attacks

If it has not occurred to you, Facebook is an incredible resource for hackers stealing IDs. People put in all sorts of personal information that can be used by hackers. I would never put my real birth date or any other information asked for by financial institutions on Facebook.

After The End

It is bad enough that individuals and private teams attack people. But, now governments and terrorist organizations are attacking private individuals. It is not just the Pentagon in DC or the CIA at Langley that are targets. You too may be a target, especially if you work for the Defense Department.

Computer Safety: Malware @ c|NET

I used to consider c/NET a safe site for downloading software. There are lots of great free programs that do handy things. The authors are legitimate, well-meaning, real people. But, more and more often their software is wrapped in an installer from some download site. That wrapper often contains Adware or Malware.

Say Something. Something Like You Love Me. by [ HarlowHeslop.com ], on Flickr

Authors of free programs are donating their labor to you. Lots of downloads of a popular program/app can drive up bandwidth costs. Authors of popular programs can soon find they are paying real money out of their pocket so you can have free stuff. Isn’t it enough they donated their time?

The alternative is to use a mirror, a web site that will allow you to store your files for others to download. Some have developed mirror sites into businesses. Some learned it is more profitable to add to the advertising revenue by putting ads and adware in an install or download program that wraps the file you want.

Now cyberwarzone is reporting that blackhats are getting their malware into c/NET, a major download site. See: Top 10 downloaded software on CNET contains malware. Skipping the bad English, that the top 10 downloads all have malware is frustrating and I hope c/NET finds it embarrassing.

New ransomware encrypts computer games and iTunes

A new virus/Trojan encrypts your Minecraft, WoW, and iTunes files then tries to ransom them to you. Be careful what you click on. Make sure your anti-virus is updating and actually running, do a scan or at least start one. If it runs, you know it is working.

72850_2015-02-22_00019

by Christina, on Flickr

This is a variant of the better known Crypto Locker ransomware.

Once these things encrypt your files, you are pretty much screwed. You can double down by paying them to release your files. All that does is tell them they have found a rube and empty or overcharge your account. They aren’t going to decrypt your files. All that would do for the bad guys is provide more tracking information for law enforcement. It’s not like they are trying to build repeat business with good customer service…

Second Life BCU Phishing Exploit

There are numerous exploits used in Second Life™. YouTube has a series of videos titled ‘What is Second Life?’ or ‘This is Second Life.’ with links to download the program. Some of the videos are obvious crap and others are pretty good and look enticing. I suspect those are plays on the current popularity of VR and HMD as they are recent.

Lost Eden 2014

Many of these lead to pirate download links. I am betting the viewer one gets is a basic password/account stealer.

Today I see the United Content Creators of SL has issued a warning in Second Life™ about BCU.exe. I think this is also known as the Browser Configuration Utility. If so, it has been around since 2010 in a couple of forms and most anti-virus software is aware of it. But, run from inside the viewer, which you have given permissions to, it can circumvent your anti-virus software.

Virus Warning

I’m not big into virus warnings unless something radically changes. Well, it has. So, read up and rethink your backup strategies.

New Ransom Ware

There is a new style of ransom ware that has come to America. Europe has apparently been dealing with it for weeks. It is called Ransom Ware 2.0 or CryptoLocker.

To understand what Ransom Ware 2.0 is doing read: Destructive malware “CryptoLocker” on the loose – here’s what to do. It’s a bit techie.

As best I can tell, the program leaves your readable copies of files in place while it makes encrypted copies using strong encryption. When it finishes encrypting your files, it then erases your readable copies and displays an extortion notice. If things go as they planned, you will probably not notice a problem until you see the notice.