Fake security software "Security Tool" Infection explosion, the cause is attack of micro ad ad delivery server
From September 24 (Friday) around 21:30 to Saturday, September 25 (Sat) 0:27 GIGAZINE ·Everyday jp·Impress·Slashdot·Price .com · Eating log·Everyone's stock·Minkara·J-CASTIt is clear that some users who saw pages of many sites including infected sites are infected with fake security software "Security Tool". The reason is that due to the advertisement of MicroAd Inc. which was displayed in the page, the same damage was occurred in many sites which distributed this advertisement.
Since GIGAZINE instantly identified the cause, we hide advertisements of microadds and continue to hide display in case too. If I could identify it a little earlier, I could hide it earlier and suppress the damage, but this was the limit, I am very sorry.
A summary of the circumstances clarified up to the present time and the method of exterminating "Security Tool" are as follows.
◆ What is "Security Tool"?
"Security Tool" is a fake security software that has been occurring since around 2008, forcibly installing in Windows by forcing various software bugs and security holes, invalidating already installed security software, in addition Depending on the task manager, right click menu, disable connection to the net. Then, it displays a window of meaning such as "it is infected by the virus" and "detects a large number of viruses", and "I have to update to the paid version in order to remove these viruses, credit this form Enter card information "is malicious malware that urges you.
Actual screen
Warning popup. It is also characterized by Japanese being hen.
like thisFalse detection screenIt is displayed
Screen for entering credit card information. You must not enter it. If you do, please contact the credit card company and we will respond.
◆ How to delete "Security Tool"
For the manual disinfection method, the latest procedure is summarized on the following page.
Infection of fake security software "Security Tool"
Other simple removal procedures are as follows.
Step 1: Stop the "random number" .exe process. Stop from "Process" tab of Task Manager, or "Process HackerStop using software or stop using software that can display similar processes. It has become such name as 29225726.exe. Anyway, unless you end this process, you can not activate various antivirus software and so on.
Step 2: "Security Tool Removal Tool, "Or"Norton Power Eraser, "Or"Ad-Aware"Spybot - Search & amp; Destroy"Or install anti-virus software that can use full function even during the trial period and disinfect it.
Originally installed antivirus software is the latest version, and if it is made to stay permanently, it will not infect this fake security software "Security Tool", so install new security software. In addition, most security software present at the moment can disinfect this "Security Tool". Also, being infected with this "Security Tool" is also likely to be infected with malware and viruses that do not make other remarkable movements, so scan the entire PC and check it.
History of this time at GIGAZINE
· Friday September 24 (Fri) 21:51
From readers "Google Chrome"Antivirus software"Avast!"Has come to the effect that access to GIGAZINE is blocked and a warning is displayed. Although we check the site of GIGAZINE at the time of this contact, nothing is detected and possibly a false detection of antivirus software or an advertisement embedded with something malicious code via an ad delivery server I guessed it would be either one of them.
Since other readers also received several similar contacts due to time difference, we continued to monitor GIGAZINE's page periodically and decided which advertisement distribution server / ad network was the cause. As a reported phenomenon, "A media player suddenly got up and tried to start something," "I tried to read a JAR file I did not understand", "A PDF file named libtiff.pdf was about to be loaded" Etc.
· Friday September 24 (23:59:22)
I was watching the page of GIGAZINE "ESET Smart SecurityHas finally succeeded in connecting to "ipq.co" and trying to download malware without permission.
When I looked at the GIGAZINE page at this point in Safari with the development tool started for analysis, I found a mysterious iFrame like 1 dot × 1 dot.
As I looked at the source code, I found an iFrame tag that connects to "ipq.co" like this. It was found that the microadd servers are displayed before and after this tag, and it is presumed that this malware infection is occurring via the microadd server.
As a result of further analysis, it was confirmed that the micro ad server was attacked by someone and was taken over, delivering a mysterious iframe tag.
· September 25 (Sat) 0:27
Removed ad tags for micro ads from GIGAZINE. Also, why this iFrame is loaded every time the page is displayed, the reason why malware is not downloaded or not is also found. First of all, this "ipq.co" is a service like the following.
A service to easily add domain names to IP addresses in an instant - swordsmith
http://romberg-iso8.blogspot.com/2010/09/ip.html
That is, it makes the arbitrary IP address into the domain "favorite name. Ipq.co". The reflection time was also quick, it seems that it was reflected in about 1 minute at this point. In other words, if you direct it to the site where malware is placed every time, it is said that it is caused by tags for ad delivery of microadds, so rewrite the forwarding destination of promo.ipq.co to the malware distribution destination for only a short time and immediately We used the technique of rewriting it and rewriting it again when the blooming cold, so as not to be identified for as long as possible, so that it could not get out for as long as possible. Furthermore, it is speculated that it was hard to identify who was the culprit via this ipq.co, meaning that the identity of such a criminal was meaningless.
Due to this method, even if I accessed GIGAZINE here, I could not detect the virus for a long time, but the damage report came into a state of continuing to arrive and I felt a very toothy feeling. It will be a complete excuse, but it is very regrettable if I think that I could suppress the damage if I could notice this earlier.
· September 25 (Sat) 0:59
Please contact the micro ad company to collect the above circumstances and request investigation.
· September 26 (Sun)
The following press release came out of micro add.
※ It is a PDF file
[Disability report] Apology and report on tampering with our service
http://www.microad.jp/press/20100925/20100925.pdf
The contents are as follows.
September 25, 2010
Micro add
Apology and report on tampering with our service
This time, some data was tampered with malicious attack by third party in our service "a part version of Ad server VASCO". As a result, during the time period, users browsing the HTML delivered from our server accessed a malicious site, an event occurred. It turned out that there was a risk of infection with the virus on this site. We deeply apologize for the concerned users for causing inconvenience and we request you to conduct virus scan / disinfection. In addition, our service "MicroAd Ad Network" has no effect of this case.
Record
1. Period
As a result of our investigation, around 9:30 on September 24 ~ around 23:30 on September 24
Since this event has occurred by being transferred from our site to a malicious site, it is not known about detailed time. As we confirmed by our company, transfer to the malicious site was stopped around 23:30 on September 24th.
2. Details of the event
· As a result of tampering with our program, a 1x1 pixel iframe tag to access third party's external web in HTML append column was inserted.
· In the iframe tag, a guide link was inserted to a malicious site using URL shortening service.
· The guidance link was taken on 9/24 23:30 as a measure to cancel the transfer. (Our company confirmation)
· When accessing a malicious site through a guided link, malware "security tool" was installed.
· This malware could be installed by users mistakenly downloading.
· We modified the tampering of our program to September 25 1:07 and completed the correspondence.
3. Requests to customers who may have been infected
Sorry to trouble you, please keep your anti-virus software up to date and perform virus scan.
If you do not have it, please try online scan on the website of each security company.
We sincerely apologize for the inconvenience caused to our customers who use our service.
※ Additional note (9/26 01: 11)
When "security tool" is installed, the browser may not start up and online scan may not be executed. In such a case, information like the URL below is provided, so please try it.
http://sec.sourcenext.info/support/securitytool.html
4. Contact information in this case
Please contact us at [email protected].
Please note that we have confirmed the damage caused by unauthorized access from third parties, we will submit the damage report to the police in the future and we will continue to respond.
Best regards
◆ "Security Tool" Scale of infection
In short, the person who was browsing the various sites displaying advertisements of microadds at the corresponding date and time, the definition file of the antivirus software was not updated, was not made resident, the security hole of other software People who were not blocked infected, infected on the plane, from September 24 (Friday) around 21:30 to September 25 (Sat) 0 o'clock on Twitter a number of infection reports one after another on Twitter It was.
Ramen and san go around and eat log page When the page opens suddenly the real player starts up and the security tool is installed. I started moment of virus activation · · ·
http://twitter.com/Yoikohyakka/statuses/25415524119
Every day. Looking at "redmancerg", virus detection and F - Secure warn. Information when it goes out, even a certain mail order site came out. Ad network okay?
http://twitter.com/kx/statuses/25415537177
It seems that malicious iframes were delivered via multiple advertisement distribution servers, including Slad. Blocking the connection to "ats.redmancerg.net" will be a simple remedy. Perhaps this time I will apply various patches exactly, I think that infection will not be done if anti-virus software is the latest version.
http://twitter.com/ex_hmmt/status/25412105336
After scanned it was virus detection ('; ω; `) Since I was at Mikuinstaller's place, it would be Win system, so MacOS would be okay but because I am anxious, I will call Fujii because I will not call Hara for the time being. I was relieved for the time being. I can sleep in this.
http://twitter.com/iSirena/statuses/25415144177
@ Koh85 After launching JAVA and the media player, there was an indication from anti-virus software "There was unauthorized rewriting of the file but prevented it ...". Maybe the site itself was infected ...?
http://twitter.com/foret2pluie/statuses/25415142051
I will delete fake antivirus software from now. I want you not to set up on the site, but I think that it is something that I missed without permission.
http://twitter.com/as9k/statuses/25414524898
Security software is properly inserted and I was surprised because it came out suddenly though it was not particularly strange things >> "Security Tool". It seems to show that you are infected with viruses, and display money and money. Careful.
http://twitter.com/kmhr_t/statuses/25414458658
Unpalatable! When I was scared I was destroyed by PC virus was w! It is! It is!
http://twitter.com/azaz424/statuses/25414362217
I am currently fighting with a virus
http://twitter.com/kawasumiserika/statuses/25414353230
『Security Tool』 というウイルス感染警告に気をつけてください。 この警告はPC保護すると見せかけ料金を取る、詐欺ソフトです。 以下URL除去方法http://plaza.rakuten.co.jp/sallina/diary/200911280000/
http://twitter.com/Arinko_PA/status/25409828447
I was not able to use my computer when a virus was detected abruptly
http://twitter.com/rigyaku/statuses/25414061059
@ Cyzo As I was watching your site, it seems that you have been infected with a virus called "Security Tool" ... Do you have any other reports? Is it?
http://twitter.com/roku3_99/statuses/25413523829
When I saw the eating log at PC (mac), suddenly a virus warning screen appeared! Is everyone okay? It feels bad. . .
http://twitter.com/Yuki_Nishida/statuses/25413122963
Every time that the display comes out that the virus attack has been done from the moment earlier, Norton completely shut off the high-level threat, there is no need to deal with it, and it appears coolly I'm supposed to fall in love with Norton.
http://twitter.com/taka0008/statuses/25412649816
Is SeurityTool a virus?
http://twitter.com/jiribow/statuses/25412551614
Help me! It is! Tears infected by a computer with a security tool such as a security tool! Help! It is!
http://twitter.com/kotoe_cyann/statuses/25412195368
It seems that the computer was infected with a virus that seemed to be a security software. The security software in the personal computer ceased to move and the screen also became strange, so forcibly terminated. I called my son of a programmer (for me) and managed to do it now I'm checking the virus. I was planning to go to bed early (T_T)
http://twitter.com/s_mah/statuses/25411214302
<◎> <◎> RT @ peo 103: <●> <●> RT @ miya _ chopu: Help from a female college student who lives in our apartment may have infected the computer with the virus. Do you see it?
http://twitter.com/masakichi22/statuses/25411177953
According to the security memo ml, it seems that the following two sites are tainted and contaminated as of (2010/09/24 22:20). Slashdot.jp c.cocacola.co.jp It is better to be careful as there are dangers such as viruses.
http://twitter.com/kawahara_at_kgs/status/25405827336
I launched a software called a Security Tool that I did not remember when my PC suddenly installed. I tried googling for the time being a virus www Since I could delete it in safe mode, it did not matter, but it was pretty impatient
http://twitter.com/TukaharaHibiki/statuses/25410298512
Towards aw! It is! It is! It is! Infected with virus (^ O ^) / Disinfection (^ O ^) /
http://twitter.com/haaasssy/statuses/25410097065
I got hit by a virus called security tool ... I want to cry
http://twitter.com/kasaki/statuses/25410029711
I got infected with a virus called security tool, but I do not know how to disinfect it. Since I do not have any knowledge of personal computer, I am in a state of being ready. Frustrated ... irritated ... irritated ...
http://twitter.com/xblanclapin/statuses/25409871152
I was fighting the virus called Security Tool. It is already
http://twitter.com/nonsense_burei/statuses/25409869017
It's a pain that my friend told me that the virus called security tool
http://twitter.com/sina0529/statuses/25409545104
I was taking anti-virus measures. It is a pattern that it diffuses in real time as I checked it out with another PC. Everyone please take care.
http://twitter.com/s_nyoroko/status/25409232904
SecurityTool virus infected ... virus security 0 has been crushed ... What should I do ... Help me / (^ O ^) \
http://twitter.com/konumu/statuses/25408737394
price. Computer of a colleague who was accessing Com is infected with a virus. What a virus like that is on such a major site! It is! It is! It is!
http://twitter.com/norinori55y/statuses/25408165484
The virus was destroyed by a security tool virus. Please also take care of everyone. I was about to close for a long time tomorrow, so I tried to do a personal computer! damn it! It is!
http://twitter.com/hayaton711/statuses/25408069208
Infected with virus
http://twitter.com/sanaesanlife/statuses/25407766332
Oh crap, a virus caught
http://twitter.com/kasaki/statuses/25407593743
It took a virus called security tool! I do not know the route even if it seems to be generating a lot ('; ω; `). . .
http://twitter.com/shiobo/statuses/25417829897
Virus
http://twitter.com/Takuan_JoJo/statuses/25417674496
The other party who was talking with messenger fell on the ground that it was suddenly infected with virus, so I got a bit scared and scanned, but I was relieved because it was not detected. Well, that will not infect it, but I do not want it from the page I saw.
http://twitter.com/masaki_wakaba/statuses/25417666439
I guess it's a virus named security tool
http://twitter.com/rigyaku/statuses/25417580809
Virus warning is issued when accessing certain new site
http://twitter.com/namunana/statuses/25417480246
Virus first experience. Please be careful with the security tool.
http://twitter.com/mic_ryouta/statuses/25417363383
As soon as I get the virus software suddenly got up and something was infected with spyware I was scared and I was afraid what to do
http://twitter.com/hy_s/statuses/25417207727
【RT希望】自宅パソコンがsecurity toolなるウイルスに一時間前に感染しました。どなたか、リカバリなしでの最適な駆除法を教えて下さい!(>_<)
http://twitter.com/band_apart_/statuses/25417069481
There are lots of people infected with viruses after searching ...
http://twitter.com/nikkeeeeeeee/statuses/25416771818
It took virus
http://twitter.com/renka_chou/statuses/25416756654
I thought about going to bed soon ... I got infected with a virus ... Norton sensei is doing it well. I can not sleep until I remove it. Our battle is coming!
http://twitter.com/ahiru026/statuses/25416558681
It might have been PC virus in serious ... It is not because of Twitter ... but I want to change it again PC
http://twitter.com/yukitaro03/statuses/25416536820
I was infected with virus. Do not panic.
http://twitter.com/takikukeko/statuses/25416336791
RT @ macaroniR: infected with security tool (virus?)! It looks pretty annoying. Now my husband of excellent SE has been looking over various things. It seems that there are quite a lot of people infected in this number of hours. Please take care of everyone.
http://twitter.com/tanasatorutan/statuses/25416310636
Parent PC is almost infected with virus infection (accurately malware) restoration work. Why do you get caught by a virus? I have never been infected with a virus system since I started making PCs myself.
http://twitter.com/SEARTHEND/statuses/25416200341
I feel infected with a troubled virus and I want to die
http://twitter.com/arukuna/statuses/25416114586
@ Koh85 In the meantime I wrote "virus detection" reflexively and diffused, but since RT is on the market, I think that I will not be able to prevent any way and I can mind expressing it! Would it be better to check this PC more than that! >http://twitter.com/foret2pluie/statuses/25415945140
@ 51 STER_kanami Please do your best to kill the virus!
http://twitter.com/DJ_C_Mann/statuses/25415807314
Mr. Misaari lamenting virus infection.
http://twitter.com/minopu/statuses/25415796140
It is obviously stinky, warnings are issued and it is difficult to connect the Internet, so if you look it up on your mobile phone, it seems that this is itself a virus
http://twitter.com/CUT1048/statuses/25415793323
When I open the PC something like security tool and so "from your PC is a virus is a virus" warning meaning unknown (haha)
http://twitter.com/CUT1048/statuses/25415491466
If you look at the eating log, it seems like the virus was infected ... Is not it?
http://twitter.com/TY0911/statuses/25407352345
At such time PC was infected with virus. .
http://twitter.com/rocknrool_kuchi/statuses/25407270540
shock. . Infected by a security tool called a security tool. Moreover, I was deceived truly, I wrote all my card number address. . I call the card company and change my card number. . Death (crying)
http://twitter.com/sushisen515/statuses/25407167450
Even though I do not remember it, it suddenly hung on a virus that I disguised as an anti-virus software called security tool. I exterminated it and it's all right ...
http://twitter.com/ulibou/statuses/25406983304
Please be careful as it seems that a virus called security tool suddenly spreads now.
http://twitter.com/bakuretsuhanabi/statuses/25406942576
I also got infected with the security tool wwww Donkei spreading this virus w
http://twitter.com/Votoms_Queen/statuses/25406884923
To be on the safe side. I have been infected with a virus pretending to be a security tool called security tool. A warning that it is infected even though it is not infected with the virus comes out, it will come out if you update it, but never enter the credit card number etc. Because they seem to get money.
http://twitter.com/bakuretsuhanabi/statuses/25406861207
It is a virus called security tool, but on Twitter it is a little talked about now ... Why did you suddenly get infected? Is it?
http://twitter.com/bakuretsuhanabi/statuses/25406409390
By the way, even though I did not access a strange site about a while ago, Java started up and detected the virus. scared
http://twitter.com/fairy213/statuses/25406377305
@otinpo After all I can not remove the virus or this virus at all But I guess this only turns off
http://twitter.com/daiyonhadoooooo/statuses/25406332258
It seemed like I picked up the virus. Do not panic. Someone tell me how to kill scuritytool
http://twitter.com/yhr_/statuses/25406161684
I was worried about threats as I was infected with the virus from a little while ago, but the Japanese inside is very funny. Is not this a virus?
http://twitter.com/go_inkyo/statuses/25406160182
Well! Fake security virus on PC
http://twitter.com/konumu/statuses/25405987821
Either day or somewhere on the site of Nikkei. Video software suddenly started up automatically, and a large amount of warning of virus infection came out shortly thereafter. RT @ havocmocha: @ gusinraisan seriously? It is!
http://twitter.com/gusinraisan/status/25405607579
It will be caught by a virus called security tool
http://twitter.com/jun_yama/statuses/25405492334
ふ は は! Four and half years using the current personal computer. First time virus infection!ふ は は!
http://twitter.com/bakuretsuhanabi/statuses/25405359227
Oh, the worst. I think that it is a site of Nikkei, but some virus infection ... Main PC
http://twitter.com/gusinraisan/statuses/25405004283
My wife's note is infected with a virus called "Security Tool" and it is being disinfected. It is quite tough.
http://twitter.com/maruo/statuses/25404889479
@ Anriorshizukaaa Security Tool itself took about 10 minutes ago, it took the virus!
http://twitter.com/yamatixx/statuses/25404842664
【Breaking News】 PC infected with virus
http://twitter.com/nayuta2525/statuses/25404204469
I found a virus that seemed to be virus but the control panel was forcibly erased and I can not install it ;; http://twitter.com/nachiro0O/statuses/25403917627
It seems that PC is infected with virus. I got fake security software.
http://twitter.com/ganaroa/statuses/25403899895
It sounds like the PC is infected by a virus. Oh, who is it ...? It is! It is! It is! It is! It is! It is!
http://twitter.com/saeaya/statuses/25403816448
What is a virus on your computer? ((゜ Д ゜ ll))
http://twitter.com/ueno03ai/statuses/25403708596
Virus invades the PC of the person in the same department! It looks like McAfee, but was trying to force McAfee to buy. Besides, this fake McAfee had the installed McAfee thoroughly out of service. Fear
http://twitter.com/huitvillages/statuses/25403694584
Security tool was taking measures against orz against the virus but it was done ...
http://twitter.com/maix82/statuses/25403563247
なんかパソがウイルスにやられた。しゃれにならん(@_@;) http://photozou.jp/photo/show/783165/50670125
http://twitter.com/nachiro0O/statuses/25403468510
It seems that it is a new virus if it is good. Although it seems to be fixed by restoring the system, I restored it for the time being, but the intrusion route seems to be an automatic update notification of JAVA. . .
http://twitter.com/azaaassu/statuses/25402952548
SecurityTool Tomoyuki Inada who deleted the virus removal method on the web Thanks ☆☆ ** v (¯ ー ¯) v ** ☆☆
http://twitter.com/marsa1218/statuses/25402925374
My computer was hit by a virus. I want to cry without knowing at all what to do.
http://twitter.com/naninanoko/statuses/25402079560
If I think that JAVA has started, I get deleted because I am infected with a virus, but I do not remember installing you in the first place I ignored it completely Ignoring completely Ignoring and activating another anti-virus software to check it . It is unpleasant for the automatic DL of the toolbar or the like without permission.
http://twitter.com/azaaassu/statuses/25401393139
For the first time, is antivirus software stopped web connection? Konkon !! I was surprised. It is unknown what was the problem. I was just looking for a map of where I'm going tomorrow. Hate.
http://twitter.com/kimatomotamik/statuses/25401300100
I have a virus infection (T_T) Idiot ah ah ah I have not memorized a strange thing, but (T_T) ‡ Ikedaoka in Wonderland ‡
http://twitter.com/kiyori_d/statuses/25401272219
When I thought that a dialog like "Security tool install sucseed" suddenly appeared on the screen of the company's PC, the virus removal software such as Security tool stood up without permission and disappeared. Even if you look at it itself is a virus. I'm really thankful to you
http://twitter.com/tochigi_3/statuses/25401156430
The PC just recovered this time is infected with a virus called security tool this time! I really want to cry. Just when you search for something It seems that there are many people currently taking part in this time zone.
http://twitter.com/mujunsyounen/statuses/25419799589
Infected with a virus called Security tool. People say they took it from the eating log if you search real time with Twitter. I wonder why ... I certainly studied the eel before. .
http://twitter.com/nikkeeeeeeee/statuses/25419789607
ウイルスがなんちゃらかんちゃらという警告が出て数分間無視していたらこんなんなってパソコン落ちた。助けて。企画書つくれない。ちょっと、嬉しい(笑) http://plixi.com/p/46871715
http://twitter.com/love_of_48yen/statuses/25419692137
Help was taken from my father. Somehow pc seems to be crazy, it seems like virus that camouflaged virus software like security tool. Disinfectant ...
http://twitter.com/kenz_tweets/statuses/25419674819
RT @mintyellow: そのウイルス知りませんでした(>_<) 気をつけます~。 RT @Alex324RtoJ: 食べログ経由でSecurity Tool感染してる人がめちゃ多い(かく言う自分も)からアクセスしないほうが無難かも!
http://twitter.com/konumu/statuses/25419579856
Uninstaller I dropped it but it got disturbed by the virus and did not start
http://twitter.com/taroemonzaemon/statuses/25419223846
I know it's a virus scan
http://twitter.com/joetakuma/statuses/25419192986
Eh virus infected
http://twitter.com/puniai1/statuses/25419012552
I am afraid to restore the system, so I ceased to connect to the PC net already ... I was trying to update Microsoft's virus scan automatically Why ...
http://twitter.com/kawasumiserika/statuses/25418856862
When rebooting, the number of viruses is increasing, if you mess up and call support, it's a virus and you pay for it! It was a famous virus It was seen with a little white eyes!
http://twitter.com/kawasumiserika/statuses/25418733688
Although it is not the first virus in the world ... Shock
http://twitter.com/yukitaro03/statuses/25418711889
What is all this. After rebooting, I will not start resident virus software. I also do not start the task manager.
http://twitter.com/whitexxx/statuses/25418679847
If you launch No Paso you suddenly become infected with viruses and I will remove them! A window of up to 72 dollars can be paid up, and if this is another virus scan launched then blue back → restart w
http://twitter.com/kawasumiserika/statuses/25418544015
@sakuramachi えーと、残念ながら、それはすでにウイルスに感染してます。こちらの手順で、回復できるんですが、今日はPCを止めて、れひさんに修復してもらうのが良いかもしれません。 http://j.mp/bzUAoW
http://twitter.com/tamaminami/statuses/25418336164
I guess the Security Tool is Chinese funny Japanese When I think I'm playing the virus www McAfee and I do not know how to remove it \ (^ o ^) / Troubleshooting
http://twitter.com/nashiko107/statuses/25418002775
It took a virus called security tool! I do not know the route even if it seems to be generating a lot ('; ω; `). . .
http://twitter.com/shiobo/statuses/25417829897
Pasoko may have died ... It's a virus or a security software like it is disturbing, but what's wrong, but I'm sleepy so I want to sleep ...
http://twitter.com/minase000/statuses/25420565123
When trying to activate the browser, a warning like "I do not use it because it hits a virus" appears and I can not use the browser. Since it will not be a job for the time being, we will try uninstalling security software now.
http://twitter.com/love_of_48yen/statuses/25420390608
Somebody help !! Desktop is likely to be taken over by a virus like a "security tool". .
http://twitter.com/sumiken2/statuses/25420383867
I found a lot of people infected with SecurityTool with the same circumstances, but Hanashi was able to prevent if virus security is running normally ... orz
http://twitter.com/konumu/statuses/25420210962
ウイルスいっぱいみたいですが、除去しようとするとソフトの更新でお金取られるっぽい。その画面でクレジットの番号聞いてくるんだけどコレ自体ウイルスなんじゃねえか? http://plixi.com/p/46872681
http://twitter.com/love_of_48yen/statuses/25420209798
It seems that PC is infected with virus, someone Zobirux!
http://twitter.com/qulogi/statuses/25420200760
I have been infected with a virus that I do not know who I face!
http://twitter.com/tnmrhdo/statuses/25420169833
Infected with a virus called Security Tool. Disinfection in progress
http://twitter.com/junjunsan1222/statuses/25420141996
Sumikun 2: somebody help !! Do not open a nice site on a company's computer, Sumikun 2: somebody help !! It seems like the virus seems to have been hijacked by a virus like himself named "security tool". .
http://twitter.com/Jody_Hirayanagi/statuses/25420592885
I caught on spyware called get full security. It seems to disguise security software and try to withdraw card information. Although it fitted how much it restored in the system, everyone also take care ... (Try to scan the virus tomorrow (; 'Д `)))
http://twitter.com/gyoku_RO/statuses/25420930238
@ Kawasumiserika A scary scary ...! I hate it for 72 dollars or real figures w Did you recover safely ('; ω; `) virus scan work!
http://twitter.com/_yukishiro_/statuses/25421033609
RT @ tkuszono: 【Virus alert】 Malware. It seems to pretend to be regular anti-virus software, so be careful. RT @ nemu _ tatibana: urgent! It seems that those who are infected with spyware software called Security Tool are increasing from the eating log site! Be careful!
http://twitter.com/tomoinu/statuses/25420967474
Apparently old PC seems to be infected with a virus that fooled security software ('; ω; `) Now the family is trying to get better but I wonder if it will be OK ('; ω;`) Because I can not open the file SS Abbon (' ; Ω; `)
http://twitter.com/sunupipipi/statuses/25420735931
It may be safe not to access from many people infecting with Security Tool via eating log (myself saying)!
http://twitter.com/Alex324RtoJ/status/25417946518
Wankota deletion infected with Okanote Note Security Tool Delete aaaa
http://twitter.com/elle0722/statuses/25420007827
The case of this time is not because each site displaying advertisement was not taken over, but because the advertisement distribution server displayed at each site was taken over, this is caused by general users I can not understand, it has evolved into a situation in which hammers like "I hate the virus !! Do not look at the site of ~!
Also, in this case, as to the security of the ad network of advertisement, once a hijacker occurs, many damage will occur across the site in a stroke, so again that we must operate with security more careful than usual It made me recognize. The "no-guard tactic that does not install antivirus software because" I do not see strange sites in the first place "is still dangerous.
Let's check your environment once again so that the antivirus software's renewal deadline has expired, or that it is not actually started up just by installing it . Although it will be a monthly conclusion, after all it finally protects yourself by yourself, defending your own personal computer by yourself is an iron rule, and you should always be careful about security there is not. As a blessing for the unfortunate incident, the "Security Tool" is a type of malware that prevents you from being infected even though the symptoms appear symptomatic for the infected person, but it also makes me realize that it is frightening not to know that it is infected · It is a virus.
I hope that anti-virus software will be unnecessary in the world, but it is not likely to be such a thing yet ....
2010/09/28 12:48 postscript
A new release came out from micro add.
About the range of influence concerning tampering of our service About press coverage | Micro add
http://www.microad.jp/press/20100928/
It seems that the maximum number of browsers in the alteration time period was 680,000.
This time, some data was tampered with malicious attack by a third party in our service "a part version of Ad server VASCO". About this matter today some articles were posted that some 8 million people will be affected by some news organizations.
We have found that the maximum number of viewers during the time of alteration by our survey is 680,000. These reports will inadvertently undermine the concerns of Internet users and we will correct them as described above.
In addition, individual sites themselves have been tampered with, and reports are being made as if there were causes on the site side. The cause of the guidance to a malicious site is that our server has been tampered with, and there is no fact that individual site has been tampered with.
In this case we apologize for the inconvenience caused to our customers who use our service and users who are viewing direct advertisement very much. From now on, we will try to strengthen our system so that such things will never happen again.
【Inquiries concerning this matter】
Please contact us at [email protected].
Related Posts:
in Note, Posted by darkhorse