So I think they call them “dongles”? The usb wireless receiver that’s plugged into your computer? Can they get virus from a computer that has been infected? I imagine it’s no more vulnerable than say a usb mouse is?
But since these Logitech usb devices like your mouse or headphone receivers do contain some firmwares, I imagine they can be infected though uncommon?
I know that BIOS can get virus but it’s very rare, but it seems to me it’s pretty impossible or improbable for a virus to creep into your BIOS via normal computer use. Let’s say I’m using windows 10, even if I go as far as downloading a malware on my windows 10, it would seem that the worst damage it can do it to my windows 10 itself, not the BIOS, is that accurate? (Or at least, it’s incredibly difficult). If I don’t deliberately take a usb drive, and go into BIOS to m-flash it, how can I possibly infect a BIOS? So similarly, since your network would only work in the OS level, how can anyone possibly modify your BIOS by hacking your operating system?
And in the other direction, Supposed by some means my BIOS was infected with some virus, how can anyone possibly steal information on an operating system using the BIOS when the BIOS itself cannot be connected to the internet?
It seems to me the damage a BIOS can do is very local.
I have recently received an e-mail from an existing support group e-mail box with the following characteristics:
- written in the language used in company’s HQ (different from English which is the primary communication language)
- had a zip attachment
- provides a clear password for the attachment
- is a reply of a legitimate e-mail I have received from a colleague a few months ago
This seems to be similar to what is described here, so there is very high chance to have received an infected file. After a couple of hours, our security department sent an e-mail related to similar cases happening inside the company.
I am wondering about how to find out the exact nature of the threat in a secure way. I have tried the following (only the first step inside the company, the rest within a VM):
- checked on VirusTotal, but received 0% detection which makes sense since the engines cannot scan the encrypted archive
- Checked with the Nanoav which boast about scanning password protected archives, but it does not allow to input the password
- opened the archive with 7zip and saw a document inside
- extracted the file using 7zip and uploaded the document to VirusTotal => 13+ engines detected something weird.
Do previewing and extracting the archive impose any security risk or is it only the document inside that can be infected? (in this case it seems to employ a macro).
Question: How to quickly find out what exactly the threat nature of a password protected archive without getting infected?
Recently, I was being redirected (occasionally, not every time) by “ilkmawgod.site” (no information on google) to malicious webpages. I scanned my every thing using quick heal, but it didn’t find anything. I noticed this was happening with all the devices at home connected to the home router. Further, when I used mobile data there was no redirect. I figured out that my router must be infected. I factory-reset my router, but now I am being redirected by “netpatas.com” (a redirecting virus according to google) to malicious ads (on all devices connected to the home router, occasionally). What should I do? Is there something that I missed while factory-resetting my router? Can I clean this thing off my router or I have to buy a new one?
I recently had a virus on my windows 10, at some point I plugged in a usb drive to it (didn’t transfer any files). But assuming it was infected, can it infect, or simply transfer anything from it to my MacBook?
I didn’t transfer anything from the usb to my MacBook, I have only transferred files from the MacBook to the usb, and I secure erase the usb with my macbook.
Thank You for your help.
Also I had it for around 3 days. It downloaded a file that’s 1kb big on my PC. What should I do? I’m afraid to use my PC again.
I get a sentence:
If an attack is created using a botnet the likelihood of tracking the attack back to its source is low. For an added level of obfuscation, an attacker may have each distributed device also spoof the IP addresses from which it sends packets. If the attacker is using a botnet such as the Mirai botnet, they generally won’t care about masking the IP of the infected device.
Why attacker do not care about masking the IP of the infected device of botnet?
I came to know that the malicious activities will be carried out only by a software(program) whereas the malicious files(data to the softwares installed in the system) can’t perform the malicious activities directly by themselves but they can responsible for bringing those malicious softwares to the system( say like steganography).Hence those softwares also must be installed ( automatically or manually) before performing their activity.
If this is true scanning for malware in softwares before they get installed( triggered manually or automatically) is enough to say that the system is 100% secure(considering that our detector is ideally 100%accurate)?
There is an old Windows XP installation that was being used without even an antivirus. This WinXP computer has files. These files are important and should be moved to a Linux installation. Given the lack of any security practices on the side of the WinXP owner it seems possible that the data contains malware.
I can now:
- Ignore this and simply keep using these files in Linux; after all Linux is supposed to not need AV.
- At the very least the files should be scanned to avoid accidental redistribution of malware if they are ever sent to anyone else again
- The files contain eg a multitude of .odt / .doc documents – maybe it’s a very remote possibility, I don’t know, but malicious macros are OS independent?
- Install ClamAV on Linux machine, scan the files, remove Clam afterwards.
- AFAIK ClamAV is known for its poor detection rate – scanning the files with it is only marginally better than not scanning at all?
- Install an AV on the WinXP machine (Panda Free AV still supports WinXP, doesn’t it?), scan the files there, only transfer them afterwards.
- Which means going online with WinXP once again – this just feels wrong
- Any options I overlooked?
I feel stuck. Not sure how to progress.
Note I wouldn’t like to manually inspect the files and eg remove any potentially suspicious files like .exe files while leaving safe files like .png files intact. Reason is the data is not mine, I was just asked to transfer it so that someone else may use them.
What is the accepted best practice in a situation like this?
How likely is one to get hacked or infected using an end-of-life Windows 7 if you dont upgrade to either Windows 8 or Windows 10 ?