Warning!

August 24, 2007 at 11:41 pm (Blogging, Deafness)

I accidentally clicked on one blog on DeafRead, the Orange Deafie blog. When I clicked on it, I got eleven, yes, 11 alerts from Norton saying that my computer was trying to transmit my password information to that site.

I blocked it, of course, then ran a scan with Norton Anti-Virus. No viruses were found. What was interesting to me though.. When I sent out an email to my friends warning about what happened.. When I typed (without the spaces) d e a f a d v o c a c y, the d e a f a d v o was **’ed. And every time I type that word without the spaces, Norton gives an alert that my computer wants to transmit passwords to that site.

I’ve run Ad-Adware 2007, and removed a bunch of spyware. I also ran Spybot – Search and Destroy, removed a bunch of spyware.. and now I am running Webroot Spy Sweeper in hopes of removing this keylogger.

This is not exactly a virus, per se. But it seems to me that this is a customized spyware, a keylogger to record every time someone types the word deaf advocacy together, so they get our passwords so they know what we’re discussing about that organization.

I’ve already reported this to DeafRead, and they think it’s an issue with my computer, not with that blog site. I disagree, so that’s why I’m blogging about what happened. I’ve also contacted law enforcement about this.

Do not visit the Orange Deafie blog! You will get spyware!

See below for my Norton Log about what happened when I accidentally visited that blog.

Date Time: 8/24/2007 3:20:41 PM
User: Supervisor
Action: Blocked
Type: HTTP
Category: Password
Data: ********
Destination: http://www.********cacy.org/icons/broken.gif

Date Time: 8/24/2007 3:20:20 PM
User: Supervisor
Action: Blocked
Type: HTTP
Category: Password
Data: ********
Destination: http://www.********cacy.org/blog/2007/08/response-to-carl-schroeders-yesterdays.html

Date Time: 8/24/2007 3:20:27 PM
User: Supervisor
Action: Blocked
Type: HTTP
Category: Password
Data: ********
Destination: http://www.********cacy.org/icons/ball.red.gif

Date Time: 8/24/2007 3:20:32 PM
User: Supervisor
Action: Blocked
Type: HTTP
Category: Password
Data: ********
Destination: http://www.********cacy.org/icons/apache_pb.gif

20 Comments

  1. Jean Boutcher said,

    August 25, 2007 at 1:51 am

    DP, I wonder why my Verizon ISP’s Internet
    Security did not warn me when I visited
    Orange. My Verizon includes anti-virus, anti-spyware, firewall, etc.

  2. Richard Roehm said,

    August 25, 2007 at 2:36 am

    Its real nice to see someone trying hard to scare people away from that post by stating there’s a virus or spyware on it.

    What I posted is the truth and too bad if the truth hurts.

    If you really want to beautify ASL for a change, you’re going to have to stop using it in the 4 methods I’ve described on that post.

    Richard

  3. Bill said,

    August 25, 2007 at 9:41 am

    Hmm. Want Linux?

  4. A Deaf Pundit said,

    August 25, 2007 at 10:00 am

    This isn’t MY computer, fortunately. My computer is being repaired at Best Buy, and I’m using this computer that nobody uses until it is repaired.

  5. Beth Koenig said,

    August 25, 2007 at 12:42 pm

    Since no one uses the computer it’s probably way out of date. Also, what did you do to your computer to have to take to Best Buy in the first place? This tells me two things. You know next to nothing about computers and you are lying in your post.
    First download and switch to firefox, next if you are paying for Norton don’t, it doesn’t work that well anyways and slows down the computer. Then go to Microsoft’s windows update and get all the updates. Yes even if it takes you all day do it. Microsoft is a buggy enough system you don’t need to be exposing the computer to stuff that Microsoft already fixed!
    When that is done run your spyware removal programs again. When that finishes, defrag the hard drive. Then remove the shortcuts on the desktop that say internet explorer. You will now use firefox as your default internet browser. That should keep your computer in ok condition for a day or so, longer if you don’t visit any porn sites. For a more permanent solution download and install Ubuntu. http://www.ubuntu.com or you can request a free cd be mailed to you.

  6. Markkus said,

    August 25, 2007 at 1:04 pm

    JJ needs to grow up!

  7. A Deaf Pundit said,

    August 25, 2007 at 1:17 pm

    Beth, just because I said nobody has used this computer in 3 years doesn’t mean I have already done what is common sense – patching and updating all of the software when I started using this computer.

    Furthermore, I don’t appreciate being called an incompetent liar.

    You’re now banned from my blog.

  8. The One and Only Ridor said,

    August 25, 2007 at 2:57 pm

    DeafPundit: Let me be the first one to confirm what you experienced. A little while ago, my anti-virus put up an alert when I click on that blogsite — that was last month. And ever since, I avoid it.

    No, you’re not lying.

    R-

  9. C said,

    August 25, 2007 at 4:08 pm

    I used to have Norton Antivirus and then when I added Norton Firewall, things got screwed up. I decided to nix that and used Pcillin and it’s really great! but my free trial period expired and I was going to pay but decided to check out another All in one bundle. Some firewall is annoying and others are not. I just checked my firewall blocks and do not see anything that refers to Orange site…nothing that allows it to get into my ports either. so..I’m not sure exactly what Pundit and Ridor experienced. I also have Adaware and it helps me get rid of spyware and brower hijacks and key loggers. You pretty much can get keyloggers from entering some sites and adaware deletes it. I appreciate the heads up. I will monitor my computer more closely now. Be forewarned, this guy is capable of doing stuff like that.

    Sometimes it pays to download demos to try a different antivirus or spyware remover and see what it uncovers. Norton isn’t as great as it used to be and I was their customer for years.

  10. A Deaf Pundit said,

    August 25, 2007 at 4:25 pm

    Yeah, I don’t like Norton either. But this isn’t my computer. Having Webroot SpySweeper plus Ad-Adware will take care of most spyware out there.

    The Webroot SpySweeper, by the way, took care of this problem. I also figured out that the *** problem I had, was NOT caused by that blog. It was caused by Norton. So it was half them, half Norton. :P

    For anti-virus and firewall I recommend Kaspersky Internet Security 7.0. It is quite expensive, but well worth your money in preventing viruses and hacker attempts. The only drawback to that is it works with IE, but not Mozilla Firefox. But since it was the highest rated by computer magazines and works REALLY well, I think it’s worth it.

  11. C said,

    August 25, 2007 at 5:08 pm

    I have kapersky (both anti virus and firewall) which came with system mechanic. So far, I’m satisfied with it. Yeah I paid a bundle for it..but I did like PC-illin too and that also costs a bundle.

    System Mechanic does a lot of stuff for you while you sleep or you could manually execute some tools.

    One thing I would suggest is whenever you get warning, write down the warning or the suspected virus, or what have you and google for removal. I find lots of good instructions online. Most of the time all you have to do is go into safe mode and run anti virus, adaware, or whatever you have…and it ususally takes care of the problem. SAFE MODE is the best way to fix it. That’s what I’ve found.

  12. Jenny said,

    August 25, 2007 at 5:11 pm

    Or buy a Mac. They may not be impervious to threats like this, but they do a FAR better job than Windows does. Spyware, viruses, Trojan horses, and stuff-of-that-ilk infections are few and far in between on a Mac.

    Thanks for the heads up! Roehm scares me because I honestly believe he’s crazy enough to do something like this and worse.

  13. SH said,

    August 25, 2007 at 6:30 pm

    Hmm.. Weird.. I went into this website few times and never got virus or spyware. Even today I went in but I left because there’s nothing much to read.

    How would I know if this is fact – My Anti-Virus is all up-to-date and fully protected, there’s no alert pop up on my monitor.

  14. A Deaf Pundit said,

    August 25, 2007 at 6:47 pm

    I’ve figured out that it only flags the 3 .gif files on your first visit to that site, for some reason. You have to either approve or reject it, and if you approve it, it won’t be flagged again.

    To me, it’s very odd that an anti-virus program would flag 3 .gif files. Norton is a tad hyper-sensitive.. but.. *shrugs*

  15. Curious Eyes said,

    August 25, 2007 at 6:53 pm

    Hi DP: when you visited Orange Deafie, were you using IE? I use Mozilla Firefox primarily as my web browser, and also have Norton Antivirus. Didn’t get any warnings. I always thought keyloggers had to be physically installed on your computer to work; they aren’t viruses. Is that wrong? Sorry you had such a scare.

  16. A Deaf Pundit said,

    August 25, 2007 at 6:59 pm

    Nope, I wasn’t using IE. I hate IE. I would use Linux if there were more programs available for Linux, really. :)

    And no, keyloggers can be viruses. They’re usually trojan ones. See here: http://en.wikipedia.org/wiki/Keystroke_logging

    Then scroll down to hacking and read that section.

  17. Stephen Hardy said,

    August 25, 2007 at 9:00 pm

    I am an IT professional and I have tools to test different things. I went to that web site and nothing malicious has come from that site. Most cases, antivirus, adware, etc. programs gets jumpy on *.gif files. This does not mean the gif files are infected; however, the program security is tight and tend to give out false positives.

    Good idea to make sure your operating system is up to date with patches.

    Hacking techniques varies, people can hack their way into java, scripts, and many other programs if someone finds a hole. There are no best browsers or operating system in the market. Folks need to keep up with the updates and patches to keep their system secure.

    One more thing, in order for the trojans to work it must be inside your computer. Some zip files someone downloaded from bitorrent, etc. may contain the trojan file. Someone added a trojan and zipped them into a file. I have seen this so many times.

    Common sense is an important thing when you download a file from someone you do not know or you do not trust mostly are correct. People out there are mean and they get excited when they installed a password sender in someone’s computer. Passwords should not be text instead it should be encrypted.

  18. A Deaf Pundit said,

    August 25, 2007 at 9:18 pm

    Huh. Never had a case where the programs got twitchy on the .gif files. But again, this isn’t my computer. :P

    Yeah, I knew trojans had to be in your computer, and naturally patching and updating your computer is a must. If you don’t, it’s leaving your computer wide open for jerks out there.

    Thanks for your information, regardless.

  19. IamMine said,

    August 26, 2007 at 4:10 am

    Hey DP… lol some interesting comments up there. :P

    I am afraid my anti-virus isn’t updated…I’d better get to that asap!

    I also clicked on Richard’s blog…but I’ll run adware tomorrow – time for a clean up anyway.

    Thanks for the heads up!

  20. Redtail said,

    August 26, 2007 at 9:04 pm

    I have spy sweeper and yes it is very true. when i clicked on the orange deafie blog and I get warning sign. so I just merely delete it.. (deleted – this went too far. ~ DP)

    RT

Comments are closed.