Security Corner

Jan 30 2009   4:23AM GMT

“Victim” of Cybercrime Found Searching for Illegal Porn

Ken Harthun Ken Harthun Profile: Ken Harthun

Talk about irony. You get infected by a cybercriminal’s illegal bot (Ozdok/Mega-D in this case) which takes a screen shot that shows you searching for illegal underage porn; then, security researchers get hold of some screen shots from the bot’s command and control (C&C) server; while going through the shots, the researchers come across those of your screen and notify the authorities (presumably, the FBI).

From a Security Works research note, Ozdok: Watching the Watchers:

Also, a note to the gentleman searching for images of nude preteen girls: You can run all the anti-spyware tools you can find, and employ the best anonymity tools in your web browser – it’s not going to help you if you get infected with an advanced trojan like Ozdok/Mega-D or one of the many others that allow hackers to take screenshots of your computer desktop. Don’t worry though, you probably won’t need a computer in the near term, as we’ve notified the authorities of your name and location (which you conveniently provided in a series of screenshots).

The good news is that you can remove the pest. Here’s what Symantec recommends for their products:

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan.
4. Delete any values added to the registry.

Complete removal instructions in this article.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: