A Virus Built with Love

Consider following on social media!

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

Sean: I’m always here for you.
Samantha: That’s great but you only have $30 in your pocket, and I only have three more minutes left.
Photo by Ana Maria Moroz, please support by following @pexel.com

Here’s a strange question for you. Have you ever loved someone so much that you create something in their name? Not like a creepy shrine or anything like that, I mean create something and let it loose on the internet for it to wreak havoc on the world.

If you haven’t, then you’re a part of the unlucky club as most people haven’t experienced that kind of love. Well… I say love but it very well could be just wanting a good “fun hugging” time and things just didn’t work out because well, money.

It kind of makes the world go round. However, let me script to you someone who has and how the internet went ablaze with the “You got mail” era.

You pay, I slay.
Photo by Efigie lima Marcos, please support by following @pexel.com

50 Networks of Melissa

Back in the heyday of AOL (America Online), there once was a virus called “Melissa”. I know someone is probably offended and wondering why their name is a computer virus that may be oddly categorized wrong since worms replicate themselves throughout a network, which is what this “virus” did.

I’m not going to get into the politics of it. Just know this virus was created and released, and many people were upset. Melissa (sorry to anyone known by this name and reading this) is what is called a “macro virus”, meaning the virus was written in the macro language built into Microsoft Office applications such as Word and Excel, so it travels inside a document rather than as a standalone program.

Melissa (again, sorry, I didn’t choose the name) would hide in spreadsheets and activate as soon as you opened the file. Once opened, the file triggers malware made to wreak havoc on your machine and spread the virus further, to the edges of your contacts list, then theirs, and so on and so on. Melissa was the kind of gal that kept on giving.

David: I told you already, her name is Melissa, and she loves me.
Dr. Paterson: David, we’ve been over this. A computer virus that you created can’t love you.
Photo by Timur Weber, please support by following @pexel.com

Breaking AOL and Beyond

You may be wondering who this madman or madwoman was (it’s wrong to assume the gender nowadays) that created this virus in the name of love. Look no further than David Lee Smith.

David chose to make use of the confusion surrounding the internet and email at the time since the internet or web1 was in its early stages. I don’t see how there was that much confusion, it was either you have mail or you don’t have mail. It seems pretty straightforward if you ask me, but you didn’t so whatever. Rambling aside, David, in late March of 1999, hijacked an AOL account and used it to post a file on an Internet newsgroup named “alt.sex”.

The post was promising a really good time because it offered over a dozen free passwords to websites where you had to pay for adult content. Posting like that nowadays wouldn’t have much of an effect since most of what you want to watch is free however, I am aware there are a number of you out there who are broken and may need to find some “harder material”. Like cats being shuffled around in duffle bags, Z-Daddy isn’t judging.

Oh, and he chose to name this virus Melissa after a stripper that he was into. I’m guessing the story is, he fell in love, and she said you don’t have any more money, he got depressed and created a virus, giving it her name to make her famous.

Enjoy the read so far? Why don’t you consider subscribing so you can keep up to date?

Hello from the other side, I’ve must’ve called a thousand times.
Photo by Hebert Santos, please support by following @pexel.com

Setting Fire to the Network

So, what were the effects of Melissa’s presence? Well, aside from overloading email servers at more than 300 corporations, government agencies included (no, the government is not happy when you mess with them, however they are giddy when they get to mess with you), it ended up shutting them down entirely along with costing $80 million in damages.

The virus worked through phishing: you would open an email and click on an attachment, and the infected file would then activate and read the addresses stored in the computer’s Outlook Global Address Book. After this, the virus would send copies of itself to the addresses it had read.

So in a nutshell, this would get into your machine, find your list of contacts, and begin its great journey spreading itself down everyone’s cornhole. Psychotic ex strippers…am I right?
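The spreading behavior described above (one mailbox suddenly sending the same attachment to many contacts) is something a mail administrator can look for in delivery logs. The following is an added example, not part of the original post; the log format, addresses, and thresholds are constructed assumptions, and the log is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real data): timestamp, sender, recipient, attachment.
SAMPLE_LOG = """\
2024-05-01T09:00:00 alice@corp.example bob@corp.example report.doc
2024-05-01T09:00:01 alice@corp.example carol@corp.example report.doc
2024-05-01T09:00:02 alice@corp.example dave@corp.example report.doc
2024-05-01T09:00:03 alice@corp.example erin@corp.example report.doc
2024-05-01T09:00:04 alice@corp.example frank@corp.example report.doc
2024-05-01T09:05:00 bob@corp.example alice@corp.example notes.doc
2024-05-01T09:06:00 bob@corp.example carol@corp.example notes.doc
2024-05-01T10:00:00 carol@corp.example alice@corp.example budget.xls
2024-05-01T10:30:00 carol@corp.example bob@corp.example budget.xls
2024-05-01T11:00:00 carol@corp.example dave@corp.example budget.xls
2024-05-01T11:30:00 carol@corp.example erin@corp.example budget.xls
2024-05-01T12:00:00 carol@corp.example frank@corp.example budget.xls
"""


def find_mass_mailers(log_text, min_recipients=5, window=timedelta(seconds=60)):
    """Flag (sender, attachment) pairs that reach at least min_recipients
    distinct recipients inside one sliding time window.

    Returns {(sender, attachment): largest distinct-recipient count seen}.
    """
    recent = defaultdict(deque)  # (sender, attachment) -> deque of (time, recipient)
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        stamp, sender, recipient, attachment = parts
        when = datetime.fromisoformat(stamp)
        key = (sender, attachment.lower())
        queue = recent[key]
        queue.append((when, recipient))
        # Drop deliveries that have fallen out of the sliding window.
        while when - queue[0][0] > window:
            queue.popleft()
        distinct = len({rcpt for _, rcpt in queue})
        if distinct >= min_recipients:
            flagged[key] = max(flagged.get(key, 0), distinct)
    return flagged


if __name__ == "__main__":
    for (sender, attachment), count in find_mass_mailers(SAMPLE_LOG).items():
        print(f"{sender} sent {attachment} to {count} recipients in one burst")
```

Only the burst from one sender is flagged in the sample; the sender who mails the same file to five people over two hours stays below the threshold, which is the difference between a person and a self-mailing macro.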

I will siren your bank account and beyond.
Photo by Somewherewith Tom, please support by following @pexel.com

Protection Against Sirens

You don’t need to worry about this Melissa getting into your life and mucking it up anymore, well for the most part. The news spread fast enough to slow the spread allowing cybersecurity professionals to contain and restore their networks. However, this doesn’t mean that you’re free to run around clicking on links promising you a good time.

There is a wide array of viruses out on the internet that have the same attributes as Melissa. But ways you could prevent her from ever knocking on your door…well, one way is not forgetting to tip your bartender and close your tab.

Always follow good bar patron best practices. When checking your email, take a double look if something seems grammatically off or misspelled, for example, “h0w ar e    you” versus “how are you”. If the email you received came from someone you know, it’s always a good thing to double-check with them to confirm that they sent it.

Always use an antivirus/antimalware/antispyware and make sure your operating system is up to date as patches for any vulnerabilities would include improving the safety of not only your computer but your wallet as well.

But to protect yourself entirely is just to use common sense and if it looks phishy, then don’t engage, and delete it immediately. On the internet Melissa has friends and they can do the same thing as her, if not better, just when you thought she was one of a kind.

Seth: The latest script was like OMG, and it made me ten times happier to be with you.
Tina: I know, Z-Daddy made me feel the same way.
Photo by cottonbro studio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, sharing this with whomever, scripting a comment, or plug-in to follow.

Would like to give sincere thanks to current followers and subscribers, your support and actions mean a lot and has a play in the creation of each script.

Think there was something I missed or may have gotten wrong about Melissa? Script a comment about it down below.

Modding Minecraft & You


Mining myself a whole new world.
Photo by Alexander Kovalev, please support by following @pexel.com

Just when you thought your children were building a harmless digital landscape for themselves comes an upload of new problems. Hackers have been changing the attack vector landscape for themselves which could have your bank account seeing a lot of red.

It has been well known by now, even if you have been living underneath a 1970 Volvo station wagon, that the game “Minecraft” has been the focus for hackers over the past couple of years. The last major event was Log4j, a vulnerability exploit that set the internet ablaze for a few weeks.

A thing we would like to see is how much of a problem this will be and whether it will continue in the foreseeable future. Like normal, we’ll be looking at what the attack is, who used or created it, its functions and effects upon its release, and some ways you could keep safe.

Hebert, there’s a new script and you might want to read this one because we need to talk about Kevin.
Photo by Yan Krukau, please support by following @pexel.com

The Attack

This is no secret by now that hackers have been using Minecraft as a place to commit their nefarious deeds. The latest of their information-stealing malware/spyware is being called “Fractureiser”.

If you’re unfamiliar with mods and modding, we’ll quickly explain. There are some cases where a game is good, but it could be better. This is where independent developers or bored developers put together some code and add it to sections of the game. Like in Skyrim, there was a mod to have Tony Stark’s Iron Man armor.

It’s a grey area when it comes to knowing if modding is legal in the gaming industry because there are some games that can get banned from servers but to keep things simple, remember not to mod games where you must play with a community.

Tim: They mentioned my Iron Man mod.
Sarah: Shut up Tim, that means they’re on to us.
Photo by Tima Miroshnichenko, please support by following @pexel.com

Who Can It Be Now

At the moment no one has been named, neither group nor individual, as responsible for the creation or use of the malware, but threat actors have been using platforms like CurseForge and Bukkit as attack vectors for the malware.

You see that line of code right there. I didn’t write that.
Photo by Christina Morillo, please support by following @pexel.com

Sinking Feeling

Fractureiser’s functionality has been reported by Bleeping Computer, which breaks the attack down into four stages. In the beginning stage, an uploaded mod is hijacked and malicious code is injected into the main class of the given project.

This attack is taking place in the Java programming language, just know Java is popular and used everywhere. The main class is a section of the code that holds what the program is going to execute. The program is overwritten and connected to a URL (Uniform Resource Locator) that downloads a file unique to the operating system (OS).

Afterward, another connection is made where the malware captures the user’s IP address and reports it back to the command and control (C2) server. The malware then connects to the same IP address on port 8083 to download another file and save it to the machine. The possible effects of having your information collected could be endless, as it could be used by the threat actor to take out loans and other things in your name, or it could be sold to other interested parties.

This all takes place while you are building your world in Minecraft. Just when you thought you were being the crafty one.
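Since the later stage described above is a Java process reaching out to a remote host on port 8083, one thing a defender can check is which Java processes hold such connections. This is an added example, not from the original post or from any Fractureiser report; the `ss -tnp`-style output is constructed, and a hit is a lead to investigate rather than proof, because other software can use port 8083 too.

```python
import re

# Constructed `ss -tnp`-style output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port   Process
ESTAB  0      0      192.168.1.10:51514   203.0.113.7:8083    users:(("java",pid=4242,fd=87))
ESTAB  0      0      192.168.1.10:51620   198.51.100.20:25565 users:(("java",pid=4242,fd=90))
ESTAB  0      0      192.168.1.10:40112   203.0.113.9:443     users:(("firefox",pid=3100,fd=55))
ESTAB  0      0      [2001:db8::10]:51700 [2001:db8::99]:8083 users:(("java",pid=5151,fd=12))
ESTAB  0      0      192.168.1.10:8083    192.168.1.50:60222  users:(("java",pid=7000,fd=5))
"""

PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6host]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def suspicious_java_connections(ss_output, watch_port=8083, proc_names=("java",)):
    """Return (pid, remote_host, remote_port) for established connections
    from the named processes to watch_port on the remote side."""
    hits = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] != "ESTAB":
            continue  # header, other states, or lines without process info
        match = PROC_RE.search(fields[5])
        if not match or match.group(1) not in proc_names:
            continue
        try:
            host, port = split_endpoint(fields[4])  # peer column only
        except ValueError:
            continue  # wildcard or unparsable peer
        if port == watch_port:
            hits.append((int(match.group(2)), host, port))
    return hits


if __name__ == "__main__":
    for pid, host, port in suspicious_java_connections(SAMPLE_SS):
        print(f"java pid {pid} is connected to {host} port {port}")
```

The last sample line shows why only the peer column is checked: a Java program that itself listens on local port 8083 is not making the outbound connection described here.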

Modding is at your own risk.
Photo by Nadin Sh, please support by following @pexel.com

The Prevention

Outside of you crafting your way to new beginnings, it seems like this will continue to be a problem in the future because hackers are coming up with new ways to onboard malware to your machine.

An inconvenience of having this on your machine is the reinstallation of the OS, which could wipe out everything if it is not frequently backed up to an external drive. The best way to keep your machine and your wallet safe is to keep from adding modifications to the game since there could be malicious files or code injected into the uploaded package.

Well played Scriptingthewhy…we’ll meet again.
Photo by Tima Miroshnichenko, please support by following @pexel.com


Do you feel like there is something I may have missed on Fractureiser? Script a comment below.

Dwelling without Sunshine


I’m going to read one more script before this court case. I mean the guys going to jail anyway so reading more it’s going to hurt.
Photo by Ketut Subiyanto, please support by following @pexel.com

So many times, in life when you think you have dealt with one problem, shortly after there comes another one creeping its way around the corner hopping in your pants to make its way up the place where the sun doesn’t shine.

For many of us, this comes in the form of bills, but for most of us, this comes in the form of finding out how easily someone can obtain our sensitive information, which in most cases they don’t have to be involved at all, they can just have collection be automated while sat on the porcelain stool passing the morning coffee and last night’s meal.

Android products and Google Play Store have been a playground for threat actors to release malware in an effort to collect from their victims. As usual, we’re going over what the attack is, who is using it, the functionality and effects upon release, and what are some ways to protect yourself from having a rat run rampant on your personal device.

Dear god, it’s making its way up!
Photo by Andrea Piacquadio, please support by following @pexel.com

The Attack

Speaking of having a rat in your personal device. Here’s a name you’re not ready for, IRATA. Yes, that’s an actual name of malware. IRATA stands for Iranian Remote Access Trojan.

Are you trying to figure out what the last “A” stands for? Simple, since it is Android specific, it stands for “Android”. Android users, feel proud, there’s another malware targeting you…yet again.

This is a program that has spyware and information-stealing capabilities. It was discovered via a smishing attack in Iran. Smishing, for those who do not know, is the dark art of contacting a person through text or another SMS (Short Message Service) message to lure them into a false sense of security so they give up information. In this case, IRATA brings users to a fake webpage urging them to download an app and pay a fee for the service.

Unlike how companies operate by offering a service and charging you for the service and then some, you can actually choose not to pay this one, so don’t pay it.

I’ve read Scriptingthewhy, I don’t think Z-daddy was talking about this kind of rat.
Photo by MART PRODUCTION, please support by following @pexel.com

Who Can It Be Now

So who are the culprits employing the use of IRATA? Well, and this seems to become the norm if you’re a subscribed reader, no one has been named for using this malware.

However, its origin stems from Iran since that’s where its activity is taking place. Just be aware, that if you have a trip coming up to Iran, pray for your Android device. Regardless, still safeguard your device, traveling or not.


Tim: You’re not going to believe this, a rat made off with my information.
Sarah: Are you sure it’s a RAT and not a rat?
Tim: What’s the diff?
Photo by Tirachard Kumtanom, please support by following @pexel.com

That Sinking Feeling

Why would this be something you need to worry about? Well, since you asked, you would have to worry about IRATA scurrying away with all the information about your personal device.

This would include information like the serial number, the device ID, battery status, network type, and many other things. This is like your blind date showing up and telling you everything they know about you without you uttering a word. It’s not creepy at all.

To make IRATA even more terrifying, IRATA can hide itself by disguising its icon and tampering with the phone’s sound settings, like putting the phone on vibrate or lowering the volume. Once IRATA is in, it can collect information and replicate software to further malicious attacks like phishing.

I did my research on you, I hope that’s not like creepy to you or anything.
Photo by Andrea Piacquadio, please support by following @pexel.com

The Prevention

Okay, so it’s clear that you don’t want to go on a creepy blind date where they know everything about you before you say anything, and neither do we want you to. So how would you protect yourself from something like this?

To keep this malware from two-stepping on your personal device, check the reviews of others who may have downloaded the software. Always read the permissions the application is requesting to have access to as some may request access to questionable things.

Like a camera app requesting access to cookies in the browser. It’s plausible that the camera application may have a valid reason for requesting access, however, if it raises a red flag to you then you should go with your “gut feeling”.

Do not download software from third parties as they may contain malware on par or worse than IRATA. Keep your system and anti-virus up to date and exercise caution when opening emails with attachments.

You might not be able to keep out every rat but you can at least lower your chances of falling for their traps.

Kim: You have protection, right?
Dave: You bet I do. I have anti-virus software and Scriptingthewhy.com and… that’s not what you meant by protection.
Photo by Josh Willink, please support by following @pexel.com


Do you feel like there is something I may have missed on IRATA? Script a comment below.