Kategorie:
Nowiny
Ze ¦wiata
Z Polski
Z Australii
Polonijne
Nauka
Religia
Wyszukiwarka 

Szukanie Rozszerzone
Konkurs Strzeleckiego:

Archiwum:

Reklama:

 
18 lutego 2018
How we have fallen pray to hackers
beware of cyber crime!
This is a report on hacking and installing a ransomware on a computer at Pennant Hills, NSW 2120.
* About the end of January 2018 we have got a phone call about 6pm from a person trying to sell a fast version of nbn. We refused as we have not been interested.
* Some weeks later on 12th February, about 3pm a phone call from a person presenting himself as a Telstra employee installing a new software protecting from ‘infection via logic files’ which are not being detected by standard antivirus and internet protection software and allowing unsolicited connections from remote sources to your computer. The wife referred to a husband who was not available at that moment.

Polish version of the article - just published!

* At about 4 pm a phone call from the same person and held a conversation with the husband. A long explanation followed on how Telstra cares about customers and internet safety, and he claimed that they have been introducing a new software 100% guarantying safety of the email and internet connections fixing security gaps in the new NBN connection. He said that by not installing the software we risk losing all files on the computer. * The person provided the following data about himself:
* Name Neil Bracht (he spelled it twice carefully)
* Address: 242 Exhibition Street, Melbourne Vic 3000
* Phone number: 03 9016 9681 Telstra Support
* Telstra Support employee number: 16803

* The husband called back to the provided number and, via a female picking up the call and presenting herself as Telstra Support, connected back with the male identifying himself as ‘Neil Bracht’.
* Neil Bracht instructed to run Command Console (Windows+R and cmd and next to run netstat and eventvwr in the command window) and gave a lengthy explaination on how many rogue connections are actually active on the computer resulting as well in spam mails etc.
* In the next step he convinced the husband that the only way to fix the problem is to let him remote access to the local computer and allow to install Telstra'’s protective software. This has been done by installing remote access software from www.aeroadmin.com with id 312 681 114, next via anydesk, unsuccessfully, and eventually to install the TeamViewer with the screen shots below








* Next Neil Bracht passed command to his colleague referred to as Garry Wilson, supposedely from Microsoft. Garry ran in the cmd window tree and certmgr commands and directed the husband to open Microsoft Authenticode™ Root which indeed does not have valid certificate, see below


* Garry concluded that we have to buy a new valid certificate by buying iTune cards, at $100, at Coles or Woolworth and giving them the card number. He asked about the number of computers at home and after learning that we have three, decided that three iTune cards, total $300, are needed IMMEDIATELY. Below are his directions


* Barry directed to buy iTune Cards immediately, or we would face deletion of all files on our computers. Then the husband called it extortion, said that Microsoft never proceeds this way and called Barry a hacker.
* This aggravated Barry, he found himself abused and began deleting files, starting with not yet saved project on which the wife was actually working. He said that the project has gone. At this moment the husband pulled the cable out from the router and immediately turned the computer down. The husband managed to record the last few minutes of the dramatic conversation with Garry.

Hacker's voice - can you recognize it?

* Nonetheless the damage to the computer has been done. Barry managed to delete more than 100GB of files and computer resources before the computer was turned down. The process of safe undeleting of the deleted files required several days of intensive work. Many important files have not been restored.
* After the incident McAfee antivirus detected W32/Zhelatin.gen!em! virus and Telstra Broadband Protect detected several infections and a Trojan in the Outlook files.
* Next day, after having written a detailed report, the husband took it to the Police Station at Castle Hills. Young ladies at the counter informed that they are sorry but the Police is not interested in cybercrime, and reccommended to report it to a government website:

www.scamwatch.gov.au

A laconic response came from scamwatch:




Later we found on the internet that 'our' scammers have been active recently over some time

whocallsme.com/Phone-Number.aspx/0459871236

and pretending to represent Telstra Support

au.callerreport.com/0390169681

It looks the cyber crime is of no interest to the best in the world Australian System.

Polish version of the article - just published!