Yahoo Website Infected

lciavarella

I’ve had half a dozen people get some type of malware from Yahoo this week: two clients clicking on something in an email sent from friends, and the other four from pop-up ads in Yahoo News. One of these people got sucked in hook, line, and sinker, calling the Microsoft phone number and letting them remote into the computer. This is what the results were:
[Image: syskey.png]

Tried several password cracking tools from ISOs and USB keys but couldn’t get into the computer. Had to nuke and pave and put some files back; the last backup they had was August of last year.

Anyone gotten around the Startup Password?

lciavarella
 
Explain "properly set up", because two of the people claim that they use Chrome with AdBlocker.

Adblocker is not necessarily going to help in a situation like this. The real problem is Yahoo and their poor management of search results. While top hits on Google very rarely bring up a bad site, it's much more common on Yahoo. In my book it's an operator problem. I work at getting them off of Yahoo and learning how to properly read search results.
 
Another way to get around this is to rename the hives in the Config folder and copy in the ones from Regback.
 
Several of them ran from Yahoo, wanted nothing to do with Yahoo again - Wouldn’t even let me forward their Yahoo mail to Gmail – wanted Yahoo accounts closed.

For the readers of this particular forum, one of the infected users was I. I fired up a laptop and let it sit at the Yahoo News page, and about an hour later I hear the fans revving up on the laptop. I walk over to the computer and see Microsoft Security Essentials stopping a potential download of some media player. I immediately backed out of everything. I let the laptop run all day and it never happened again, but I did witness the hack, and if I didn’t know what I was doing it could have been much worse.

I agree education is their best security, but the average user does not want to read proper usage. All they want to do is click, click, click, oh my, what just happened!
 
Tried the backup hive thing and it didn't work, but I wasn't sure what the heck I was doing. Had to do it from the command prompt, not my cup of tea.
 
Yeah, it's amazing how easily drive-bys can happen. 3-4 years ago I was down visiting my daughter at school. Was using my netbook, which normally is used only for things like router/switch configs, LAN testing, etc., so it has no AV, to check out some companies on ripoffreport.com. Left it sitting on that page, and when we came back from the football game I'd been hit with one of those utility malware apps.
 