Was reading about the latest malvertising exploit on bleepingcomputer when lo and behold, said malvertising ad hit and tried to take over my PC.
That was the last time I used the internet without an adblocker.
I do have to admire the irony of a malvertising ad hitting bleepingcomputer on the article about said ad.
The one where they installed a remote access script on a workstation, waited for 6 months before spending all of 5 minutes bypassing a few layers of security products, gaining domain admin, and then exfiltrating 3 docs relating to a Russian dude’s trial from like 6 years prior.
Why the hell would one do that for THREE documents? I’d be exfiltrating everything out of there if I were them, if not for that Russian guy’s trial, at least for my curiosity and reading pleasure!
I can only guess it was a state sponsored action. They had a job to get some specific info and get out.
Worst experience. Fairly new at a dotcom and moving from the satellite office to the big-time (same building as these loosers who were trying to do DVDs by mail, LOL ;-) and getting the shown around and introduced to various department heads.
Met the VP of IT and Sr. Systems admin, joked that it looked like they lived there… found out they had been battling a nasty virus all weekend that had infected most of our desktops and was evading our standard AV package, it was taking several runs of a special cleaner or just a wipe/reinstall.
Got introduced to lots of other folks, learned many more things, almost entirely forgot about the virus. A few hours later I’m waiting for my boss to finish a “quick” meeting I wasn’t invited to and getting bored. But I want to seem like a responsible employee (and I was caught up with /. from earlier in the day) so I decided to log in and check my email.
And the inbox boings start. Don’t even have a functioning desktop yet and I can literally hear the virus spreading across the office. I’d manage to pick an old desktop in the IT area that hadn’t been cleaned yet. Fortunately a lot of computers were still off from the cleanup effort, so my fuckup was limited to a 6-7 systems, but that was still hours of additional work for the small IT team after they had already given up their weekend.
It’s definitely not the worst virus I’ve ever had to deal with with. But it was definitely the most visible/shameful virus related fuckup I’ve ever been responsible for.
I don’t know if this applies directly, but in my early days of hosting a server for fun, I installed a telnet server because my phone didn’t have SSH at the time. I forgot to close it when i was done and someone got in and installed a password sniffer. This was a Slackware box, IIRC. My only indication that there was a problem was that the “.” & “…” directories didn’t appear from an “ls -Alf”. I pulled the network cable and booted to a boot image and discovered that many key system utilities were replaced with imposters that would mask that there was an intruder. The '“ps”, “ls” and other utils were symlinked to the “…” dir in /usr/local/lib.
I didn’t trust anything on that server and nuked it. Now, anything that’s internet facing is built from ansible and the config is stored in a repo and the repo is backed up on a drive that’s physically disconnected except when backing up. I’ve messed up the initrd from time to time and it’s usuall easier for me to reimage than try to fix it.
Mine is quite tame. I accidentally unleashed the conficker worm on an org.
Had to patch about 1000 PCs across Australia to clean it up and that was a royal pain downloading windows updates over dialup.
Yes, we were still using dialup in Australia around that time and no we didn’t have wsus either.
We got Sality. Huge PITA to remove.
I’ve never been able to confirm if it’s true or not but around 2014/2015, I had a malicious Firefox extension that apparently originated from Google Chrome. What it did was basically put ads on all webpages, including blank pages and it was really hard to remove because it would just keep reinstalling itself until I uninstalled Chrome and then found and deleted the folder that contained the origin of the malware.
I wasn’t able to do much research on my own, mostly because I didn’t really know how to, but everyone online (possibly including Mozilla themselves) who was infected by the malware believed that Chrome downloaded the malicious Firefox extension. The main reason people believed it was because not only did the malware only seem to infect users who had both Chrome and Firefox installed but the origin of the malware would keep reinstalling itself until you removed either Chrome or Firefox and stuck with just one browser.
That one time back, from so long ago, when I was less techy than 2024 me, when everytime I opened my old Android phone, the browser would open up a Thai porn site. I went to the applications list on that old phone, and found an empty app with no icon and uninstalled it, and it stopped happening.
I don’t think I’ve had any particularly bad ones. In fact I don’t remember having any since my age was in the single digits tbh. The only time I remember having malware was once when I tried to install iTunes on Windows for some reason, and I got infected with some kind of malware from trying to download this. I don’t remember what exactly it did—I think it was just adware that interacted with your browser, nothing too crazy. I think I may have done a fresh install or factory reset to get rid of it. I was really young at the time and I don’t recall getting malware since. I’ve definitely never (consciously) experienced malware on Linux, yet. (I say consciously cause for all I know maybe someone’s bugged me with a keylogger I’ve not detected idk. Hope not!)
God, I remember how when I was like 8 years old I infected the home computer with a super annoying Adware.
I have no idea how it got in, if I was just hanging out on the Cartoon Network site playing games, but it happened, it was horrible. Every time I turned on the computer it played a video of a woman talking in a strange language and advertising something I don’t remember what it was. I think in the end they had to format the hard drive, that’s how insidious that shit was.
Another vaguely related event is when I supposedly messed up my mother’s first laptop by downloading music from Ares. I say “supposedly” because I doubt it was because of that, but because I was taking a bath while I was handling it. My mother loves to talk about it every time she hears the phrase “Computer Virus”.
0KB? Anyone?
Explanation:
Zero kb deletes all files in your home directory, replacing each and every one of them with a shortcut of size “0 kb”
Got something installed in the earlier days of the web that would hijack the screen. I was able to identify the process in the task manager and delete it before it could replicate again
Pop ups in early to mid '00s
Downloaded a sketchy copy of some hard to find software some years ago. Once I tried to run it, I immediately noticed that the fans started spinning fast and everything was much slower. A quick ctrl + shift + esc and I saw that CPU usage was over 90% - Checking the detailed processes, I found the executable I tried to run and force-stopped it. It almost immediately restarted itself. Obviously, it already set up some other process to check for that process, so I started killing other processes with unfamiliar names until said process stopped restarting.
All good thus far, I went to check %appdata% and of course, there was a sketchy executable there that ran the keepalive process. Deleted it, searched all over for similarly named executables, everything seemed clear. Turned off the internet, rebooted the PC. Turned the internet back on and everything was still fine. I did notice later that I suffered some damage in the form of some files getting encrypted, which was why the CPU usage shot up in the first place - it was one of those ransomware type that, once finished, would no doubt sell the encryption password for a bitcoin deposit.
My other experience with malware was on Android. It’s amazing the lengths some FUCKING HARDWARE VENDORS will go in order to install adware on everything, right, Xiaomi, Samsung? Seriously, being forced to see an ad when you just want to use the fucking calculator? Fuck that shit.
I’ve got an I LOVE YOU virus once on a Panasonic X700 fliphone. And, since it was an already old phone by that time, no one had the right tools to fix it anymore.
That phone was just like a Nokia, btw. Exact same Symbian OS, just with different media files and branding. (or at least, it looked like, so much so it hurt my young brain at the time)
There were photos of F1 cars on it by default. And a mini golf game that was awesome.
I was so sad when that phone got bricked. I don’t even tell you guys how I got that virus since it’s so embarrassing 😅
Also I almost got a ransomware on a freshly installed PC. I was lucky enough to notice something was wrong and I was able to stop it. Though, lots of folders have been infected (files have been created - the message that should have been displayed inside the virus’s windows I assume) and some files did get encrypted - but not deleted…
So grandpa had a computer problem. Turns out he installed one of the early locker trojans. He: “It’s all my own fault.” Family: “no grandpa, that were some ugly hackers”. So i removed the virus and checked the computer. Turns out it was his fault. He tried to watch “russian removed porn” and installed the virus in that process. He was like 85 and needed help washing himself. So IDK what his intentions were… The worst part: I had to keep a straight face and confirm the “hackers” therory. That secret will die with me. And now you.