
Messages - RussellMania

General Discussion / How to scan bar code from phone?
« on: October 27, 2019, 04:04:24 pm »
I took a photocopy of this bar code and it won't scan at the register. If you noticed, this is not your typical bar code. Is this some type of newfangled bar code that is protected by encryption?

I personally think it's safer to save credit card data for sites that you shop at often. My sister, on the other hand, says that it's safer to not save credit card data and to type in your credit card information every time you want to buy something.

From my perspective, it's safer to type in your credit card information once because the more times you type in your credit card information, the more chances a hacker has to steal it. If you type your credit card data 100 times a year, it gives hackers 100 chances to steal your credit card details.

My sister's perspective is, if Amazon ever gets hacked, hackers will get access and steal your credit card information. If you don't store your credit card information for future purchases, then hackers can't steal your credit card information.

My sister and I were arguing back and forth about this; who is right? I tried searching online to prove that it's better to type in your password 1 time than multiple times, but came up empty-handed. I guess it's not something that people think about often.

General Discussion / Re: Malware via SMS Text
« on: June 04, 2019, 04:42:10 am »
Can this type of malware be removed by doing a factory restore or a DFU restore? I heard that in some cases you need to buy a new phone.

General Discussion / Malware via SMS Text
« on: May 31, 2019, 05:11:37 am »
Can you really be infected just by receiving a text message? I read that if you receive a square text message, it will infect your iPhone and Android devices. How is something like this possible? How is a text message able to run code without the user doing anything?

I would like to make copies of the score sheet, so that I don't have to buy the game again. My friend has been nagging me because he doesn't want me to accidentally use all the score sheets. I keep putting it off because I'm not really sure how to do it. He even offered to do it for me; instead of telling him that I don't know how, I told him I already took care of it. I guess you can say I am embarrassed, considering this is a newbie question. I would like every page to print out 4 score sheets, that way I can just cut them out. I don't have access to a PC, so I am using my iPhone.

Hackers have ways of getting around permissions; if a hacker is able to exploit a flaw in iOS, would restricting the camera with a passcode stop a hacker? Snowden said that hackers can hack any iPhone or iPad camera.

I already have my iPhone protected with a 12-digit passcode and have it set to wipe everything after 10 failed attempts. I have read that people turn on restrictions so parents can have more parental control over their kids' phones; this is why Apple added the restrictions passcode in the first place. I have restrictions turned on hoping that it will stop hackers from hacking my iPhone camera and mic, along with denying changes to what apps can and cannot connect using a cellular network.

If TDL-4 botnets are dead, then what type of botnets are in use today? I would only assume that the botnets used today (2017) are a lot more severe and even more stealthy.

I have talked to a few people that have heard of BadUSB and they say it's the worst thing that can happen to you. Tech experts that have heard of BadUSB won't even touch your PC or attempt recovery on any of your USB storage devices if you tell them that you are infected with BadUSB, because they don't want to infect all their devices. You mentioned that infecting firmware would be difficult because it's vendor specific; couldn't a hacker use BadUSB as a way to infect your BIOS and other PC components? A hacker can discover what OS you're using, what motherboard and BIOS version you are using, and slowly discover what other hardware you are using. The hacker then can use a series of zero-day exploits specific to each vendor and infect all your PC components; granted it would take some time, but it would be possible and could be pulled off. My main concern about BadUSB is the ability to infect the actual USB port on your motherboard or case; every device you plug in via USB can and will get infected. If you plug your phone or tablet into the PC, a hacker could infect and exploit the device you connected via USB. It would take longer to infect an iPhone or iPad, but it could be done. Most people have never heard of juice jacking and it is becoming more of a problem; your home computer or laptop can be used as a juice jacking device, but it gets even worse. When you take that same infected device and plug it in, let's say into your USB wall charger, your car, or a smart charging hub, the phone or tablet will act as a deployment platform and will infect any USB device that you plug your phone or tablet into (reverse juice jacking). I suspect that most people will become compromised and remain compromised permanently.

What is a hypervisor rootkit and what makes it worse than a firmware rootkit? I read that a hypervisor rootkit comes under both firmware and hardware rootkits.

What type of malware do you think I had? The malware allowed other hackers to connect to my PC. If I wiped my drive clean using zero fill, my PC would appear clean with no traces of malware, but if I connected online, the malware would call home and download the rest of the malware. After reinstalling my OS 6 times, the malware didn't need to call home anymore. The scary part was, hackers could connect to my PC even if my PC had no Internet connection at all. I had a tech look at it and he fixed part of it; hackers could no longer connect to my PC. I called the tech and told him that the malware was still present and I suspected the GPU was still infected. He told me that what I was describing was impossible. I came to this conclusion because it's the only logical explanation I could come up with; it would be impossible to store 1-2 GB of malware in the MBR or BIOS. It was like the GPU was running its own OS system (the PC was running in the Matrix). I removed the video card, did another zero fill on the drive, and it was pretty much back to normal, no traces of the malware. The DLL injections went away, no more KDOM DLL or other suspicious files being injected when I entered safe mode. I still experienced alternate data streams and redirects. I then tried removing one of the Logitech Unifying receivers and everything went back to normal.

If black hat hackers can exploit these vulnerabilities, then what makes you think that the NSA/CIA or another foreign government with unlimited funding can't? These types of rootkits are not in the wild, but that doesn't mean they don't exist; it only means that a select few may have been targeted.

Are the new TDL-4 botnets really indestructible? I have read that the newfangled rootkits and bootkits can survive reflashing. When you update the BIOS, you have to rely on the infected firmware. The firmware can lie and pretend to update (hiding and storing the clean copy). If for some reason you are able to reflash and update the BIOS successfully, the BIOS can get reinfected if another piece of firmware is already infected. Malware can hide in a lot of places (CPU, video card, USB peripherals, DVD burner, etc.). It would make cleanup after an attack really hard if not impossible.

If malware finds its way into the video card and reprograms the video card and alters the boot sequence so the video card boots first, is this a hypervisor rootkit? I have posted a link of my PC infected with what I believed to be a hypervisor rootkit. It didn't matter how many times I wiped the disk, the malware was there, like it came bundled with the PC. It started out by calling home as soon as I connected online, and after the sixth reinstall, the malware didn't have to call home anymore. I also noticed something odd: when Windows was loading and updating system settings it said "loading hypervisor drivers". This is why I believe that my OS was running in a virtual machine.

I'm new to this site; is there any way I can leave positive feedback or give you a good rating?

Thank you for a good explanation.

I know that when you shut down your computer all RAM is lost. If all memory is cleared from RAM, how does memory-resident malware work? This type of malware hides in RAM and doesn't store any files on the hard drive. This type of malware is very stealthy because it doesn't require any files. If the malware never touches the hard drive, shouldn't the malware be gone when you power off your PC? I'm a little confused how this type of malware works. Thanks!

Malware removal help / Re: Persistent malware, survives disk/ssd wipes
« on: June 30, 2017, 11:57:58 am »
Try wiping with all zeros, then fix the MBR with the cmd prompt. I would also try updating the BIOS. When you do this, make sure that no USB is plugged in and use a PS/2 mouse and keyboard, and see if you have any luck. It sounds like you're being infected via BadUSB. When you reinstall the PC, is the malware already present, or does it wait until you connect online to call home? If the malware is already present then the video card may be infected with a hypervisor rootkit.
