General Discussion

Turbineguy

(37,362 posts) Tue Oct 2, 2018, 10:15 AM Oct 2018

Russian hackers at it again

This article showed up on my google homepage this morning.

First UEFI malware discovered in wild is laptop security software hijacked by Russians

“LoJax” repurposed LoJack anti-theft agent as rootkit that could survive OS re-installs.

https://arstechnica.com/information-technology/2018/10/first-uefi-malware-discovered-in-wild-is-laptop-security-software-hijacked-by-russians/

5 replies

= new reply since forum marked as read

Highlight:

Russian hackers at it again (Original Post) Turbineguy Oct 2018 OP

Several of the FB groups I belong to have gone private, by admin invite only. woodsprite Oct 2018 #1

I'm far from being an expert on this field Turbineguy Oct 2018 #2

*NEVER* run any software that can't be verified. Initech Oct 2018 #3

This was "users" requesting access to the group and the users couldn't be verified. woodsprite Oct 2018 #4

I was talking about the LoJack software. Initech Oct 2018 #5

woodsprite

(11,923 posts)

1. Several of the FB groups I belong to have gone private, by admin invite only.

Reply to Turbineguy (Original post)

Tue Oct 2, 2018, 10:19 AM

Oct 2018

Mainly because they've been inundated with new members attempting to join, who appear to have no history or online presence and can't be verified.

Turbineguy

(37,362 posts)

2. I'm far from being an expert on this field

Reply to woodsprite (Reply #1)

Tue Oct 2, 2018, 10:28 AM

Oct 2018

but I run ESET scans periodically. They catch a few things that my regular AV misses. It seems that running other vendors' AV from time to time is a good idea.

Clickbait posts on FB could be a point of entry as members of a group might consider themselves in a circle of trust.

Initech

(100,098 posts)

3. *NEVER* run any software that can't be verified.

Reply to Turbineguy (Original post)

Tue Oct 2, 2018, 10:44 AM

Oct 2018

Doesn't matter if it's an app or any kind of desktop application, if it can't be verified, don't download. Mainly because we live in an era where there's tons of fake and scam products being sold (like LoJack), they can be easily be hacked into.

woodsprite

(11,923 posts)

4. This was "users" requesting access to the group and the users couldn't be verified.

Reply to Initech (Reply #3)

Tue Oct 2, 2018, 11:27 AM

Oct 2018

I assist with a FB page for the group we sing with so we've been monitoring posts, but the board of directors wanted to keep the FB page open to the public.

Initech

(100,098 posts)

5. I was talking about the LoJack software.

Reply to woodsprite (Reply #4)

Tue Oct 2, 2018, 11:30 AM

Oct 2018

There's two worst case scenarios that I can think of and both of those involve either wiping your drive completely with a full format or replacing the drive. But either way that can't be good.

Reply to this discussion