Categories
sysadmin

aurora spyware (2)

pare che il maledetto spyware sia tornato alla carica con una serie di biechi trucchetti, per fortuna c’è già chi ha già preparato una pezza, nello specifico i metodi per identificarlo e rimuoverlo adesso sono 3:

  • la rc2 di spybot-search & destroy, unico neo è che bisogna utilizzarla con il pc in modalità provvisoria
  • l’ultimo aggiornamento di m$ antispyware, però non utilizzate lo smartscanner, ma fate fare una ricerca completa su tutti i dischi fissi.
  • un piccolo tool (per winXP e win2K) scritto ad-hoc da quelli di SpywareInfo.com (non funziona con tutte le varianti)

ciuaz

Categories
tecnologia

lexmark e spyware

scovato grazie a wikilab

Yes, Lexmark is now in the Spyware business!

Just the other day I purchased a new Lexmark X5250 All-in-one printer. I installed it as per the instructions and monitored the install with Norton as I do with all new software.

On reviewing the install log I noticed a program called Lx_CATS had been placed in the c:\program files directory. I investigated and found a data log and an initialisation file called Lx_CATS.ini. Further investigation of this file showed that Lexmark had, without my permission, loaded a Trojan backdoor on to my computer. Furthermore,
it is embedded into the system registry, so average users would likely never know it was there and active.

This Lexmark Trojan was programmed to monitor my use of the printer by way of data collected from two DLLs in the c:\program files\lexmark500 folder. The Trojan would then send information on printer usage, including types of print activity, scanning activity, OCR activity etc., back to a hidden URL at 30 day intervals.
[continua]

ciuaz