Facebook: ALERT – New Malware attack using Facebook. DONT CLICK ON “Most Hilarious Video Ever” wall posts.

It seems that recently Facebook has be at the center of many web issues. Unfortunately, this is a trend that seem to continue as now we have a new Facebook attack that has the goal of stealing your credentials (there for taking over your account) in addition to downloading malware on your pc. If you see any wall post about the “Most Hilarious Video Ever”, DO NOT CLICK on it. If its on your own wall delete the post from your wall, if you have already clicked on the link (Fallen for the post), you need to immediately go to your profile and change your password information.

The following information comes from the WEBSENSE blog (LINK: http://community.websense.com/blogs/securitylabs/ (http://community NULL.websense NULL.com/blogs/securitylabs/)) concerning this new FB attack, included below is a video from websense showing how the attack happens.

Most Hilarious Video attack on Facebook (http://community NULL.websense NULL.com/blogs/securitylabs/archive/2010/05/28/most-hilarious-video-attack-on-facebook NULL.aspx)

Posted: 28 May 2010 09:11 PM

Attacks on Facebook during weekends are unfortunately becoming a trend. For the third weekend in a row users on Facebook are bombarded with messages on their walls talking about Distracting Beach Babes (http://community NULL.websense NULL.com/blogs/securitylabs/archive/2010/05/22/warning-for-quot-distracting-beach-babes-quot-on-facebook NULL.aspx), Sexiest Video Ever (http://community NULL.websense NULL.com/blogs/securitylabs/archive/2010/05/15/sexiest-video-ever-on-facebook NULL.aspx) or this latest attack which supposedly is the “Most Hilarious Video ever” shown in the screen shot below.

(http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/1106 NULL.facebook_5F00_hilarious_5F00_1 NULL.png)

We predicted that this attack would happen again and unfortunately we were right.

This attack is different from previous weekends as not only do the attackers try to steal your Facebook credentials, what happens after that depends on which country you connect from. Once you click on the link to view the video you are taken to a fake Facebook login page where you are tricked into entering your credentials. The login page look like the real thing except of course if you look at the address bar you can see that you’re not on facebook.com. But users can easily be tricked into thinking that they temporarily were logged out of Facebook and to continue they have to login.

(http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/4478 NULL.facebook_5F00_hilarious_5F00_4 NULL.png)

Regardless of what you enter in the login form you are then taken to a page on the real Facebook site that asks you to allow the application to access your profile. If you allow that you’re taken to a page saying that you need to upload your FLV Player to view the video. Up until this point it’s similar to how the two previous attacks have worked, except that this new one also has the phishing component. However, what happens now depends on which country you are connecting from.

If you are coming from a US IP address you are prompted to download the FLV Player, which is detected by 35% of antivirus engines (http://www NULL.virustotal NULL.com/analisis/ba220931f0993b752cc9cc25d449904646528fee138ace928f027bb643f3b61e-1275104977), as can be seen in the screen shot:

(http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/3755 NULL.facebook_5F00_hilarious_5F00_2 NULL.png) (http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/0842 NULL.facebook_5F00_hilarious_5F00_2 NULL.png)

However, if you’re coming from a UK IP address you’re taken to a quiz where they have to answer 10 questions.

(http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/4617 NULL.facebook_5F00_hilarious_5F00_3 NULL.png)

Once completed the user then gets the chance to win an iPad! All they have to do is to fill in their address. So instead of tricking the user into installing a malicious file, this time they’re after your information in addition to your Facebook credentials from the fake login page.

(http://community NULL.websense NULL.com/cfs-file NULL.ashx/__key/CommunityServer NULL.Blogs NULL.Components NULL.WeblogFiles/securitylabs/8512 NULL.facebook_5F00_hilarious_5F00_5 NULL.png)

It’s very likely that the behavior is different than the two examples we have described depending on which country you connect from. In our testing we only had the ability to test this attack from the US and UK but regardless of where you are connecting from you shouldn’t click on the fake video and never, ever give you Facebook username and password to a website that is not facebook.com. We also recommend you to install Defensio, our free security app for Facebook that will protect your wall from posts like this. You can get it from http://defensio.com (http://defensio NULL.com)

Software: How to backup Logmein Hamachi

With our connected lifestyle, there are many times when you need to access a pc (home or work) while you are at another location. There are many options to be able to do this. The way I find to be one of the easiest is using Hamachi from Logmein (LINK: https://secure.logmein.com/products/hamachi2/ (https://secure NULL.logmein NULL.com/products/hamachi2/)). Hamachi comes in 2 versions, one is FREE for Non-Commercial use and the other is a paid version for those using it for commercial purposes.

From the Hamachi site

LogMeIn Hamachi² is a hosted VPN service that securely connects devices and networks, extending LAN-like network connectivity to mobile users, distributed teams and business applications. You can easily create secure virtual networks on demand, across public and private networks.

With that being said, one of the questions about Hamachi that I seem to get from Hamachi users is how to back up your Hamachi account in case you need to reinstall.

The following steps will allow you to backup Hamachi -

If you are on Windows 7

Backup the LogMeIn Hamachi folder@ C:\Windows\system32\config\systemprofile\AppData\Local\LogMeIn Hamachi

If you are on Windows XP

Backup the LogMeIn Hamachi folder@ C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi

**Correction on XP location provided by Xantes (Thank you)

To restore from your backup of Hamachi – After you install your new copy of Hamachi

1 – Open (The Windows) Control Panel – Administrative Tools – Services and the find LogMeIn Hamachi service

- The click to highlight and the select stop (See example below).

- Once you stop it, minimize this window as you will need it again shortly

2 – Copy your backup data and paste it to the location of the install (you will replace any duplicate files)

Windows 7

C:\Windows\system32\config\systemprofile\AppData\Local\LogMeIn Hamachi

Windows XP

C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi

3 – Once you have copied the backup data go back to the services window and now highlight LogMeIn Hamachi and then select start.

That will do it, you will now have your existing account back up and running.

FACEBOOK: How to Permanently Delete a Facebook Account

With all the recent changes and issues that have occurred with Facebook, you may feel that you no longer want to be part of Facebook. Unfortunately Facebook makes actually deleting your account very difficult. If all you want to do is deactivate your account (which is different that deleting) you can do that easily, but Facebook makes actually deleting everything much harder to find.

The following link is for a post on www.wikihow.com (http://www NULL.wikihow NULL.com) **, which seems to be the most complete information on how to actually make your Facebook profile go away.

http://www.wikihow.com/Permanently-Delete-a-Facebook-Account (http://www NULL.wikihow NULL.com/Permanently-Delete-a-Facebook-Account)

**NOTE: While reading thru the wiki post, you will see a couple of sections that are listed as “Ads by Google”. The lines labeled as “Ads by Google” have nothing to do with the steps to delete your Facebook Account.

Facebook Disables KNOI Radio Facebook page!

In Support of KNOI Radio, I’m posting the link to KNOI where they talk about how their pages got disabled. It appears that the KNOI Radio pages were disabled because of “Criticism of Facebook Policies”.

Facebook Disables KNOI Radio Facebook page! | (http://knoifm NULL.com/news/1569-facebookdisablesknoi NULL.html)

Posted using ShareThis (http://sharethis NULL.com)

Software: Windows 7 – Problem Step Recorder for easier troubleshooting/support

From TechNet (LINK) http://technet.microsoft.com/en-us/magazine/dd464813.aspx (http://technet NULL.microsoft NULL.com/en-us/magazine/dd464813 NULL.aspx)

Tip: Easier Troubleshooting Support with Problem Step Recorder

Troubleshooting errors for a remote user can be very difficult since you can’t actually see what’s happening on the remote system. Often it comes down to a user saying he didn’t click a button, open a program, close a program, or so on. The new Problem Steps Recorder (PSR.exe) allows you to see exactly what’s going on, documenting every action that takes place on the system experiencing problems.

The Problem Steps Recorder tool is a simple screen capture utility that grabs screenshots whenever a mouse move or click is made and documents all the data into a zipped MHTML report page that can be sent off directly to the help desk. Every step of the user’s actions is logged complete with a screenshot with the item highlighted, and it even allows the user to provide commentary on specific details.

To launch the Problem Steps Recorder, just go to START and type PSR.exe and your off and running.

Apple: iTunes – How to backup and restore playlists

For some reason I’ve recently began getting numerous calls about iTunes playlists either disappearing or completely being messed up. As of now I don’t have a cause for all of these calls (as I haven’t seen a patter), however, I think its time to point out a simple way to protect your playlists.

BACK THEM UP ! Simple isn’t it

The following are the steps needed to both back up and restore your playlist. Even though this info is just for the playlists themselves, you should also keep in mind that many things need backing up.

Backup is an important step for anything you use regularly or anything that “REALLY” matters to you on a computer. You don’t know when your computer could have a hard drive fail, when things could get accidentally deleted, when you could get a virus (I know viruses are Windows users, but there are a few floating out there on the Mac side as well), or have your house broken into and your equipment stolen, (Should I keep going or are you getting the picture) etc. TechGeekandMore does recommend iDrive** (LINK: https://www.idrive.com/?p=techgeekandmore (https://www NULL.idrive NULL.com/?p=techgeekandmore)) where you can get 2 gigs of space for FREE and great rates including monthly or yearly billing for additional space (So you have no excuse to not have a backup). For those who called with this issue and had backed up their information (Good Job!) it was a few minutes and they were back to normal. For those who didn’t, it was time to redo and recreate their lists again from scratch. At least this time it was only the lists.

Backing up playlists

Follow these steps:

Open iTunes.
Select one of your playlists from the Source list.
From the File menu, choose Export Song List. A Save dialog appears.
From the Format pop-up menu, choose XML.
From the Where pop-up menu, choose Desktop.
Click Save.
Repeat steps 2 through 6 for each of the playlists that you have created in iTunes.

Note: These smart playlists are created automatically by iTunes, so you do not need to back them up:

60′s Music
My Top Rated
Recently Played
Top 25 Most Played.

Restoring playlists

Follow these steps:

From the File menu, choose Import.
Navigate to and select one of the exported playlist files on your Desktop.
Click Choose.
Repeat steps 1 through 3 for each of the playlist files that you have exported to the Desktop.

Important: Some playlist information, such as Play Count and Last Played date, is not preserved.

*******************************************************************************************************************************************

**Disclaimer: iDrive is not an Apple or Mac product, even though it has the i in the front of the name. iDrive is from “Pro Softnet Corporation” a leader in the field of online backup solutions (LINK: http://www.pro-softnet.com/prosoftnet_new/contact.htm (http://www NULL.pro-softnet NULL.com/prosoftnet_new/contact NULL.htm)). In addition, TGM is an iDrive partner, and does get a commission from prosoftnet for referrals. However, please note that TGM would still recommend iDrive as the preferred method of online (off-site) backup even if it did not get commissions, TGM values its reputation and would not recommend anything unless they had used and been satisfied with the product.

Tech Geek and More

Technology Explained for All

Monthly Archives: May 2010