
LINUS! CHANGE YOUR STEAM PASSWORD

firm

Please change your Steam password, or anything you've logged in to on that computer. Synaptics is essentially a touchpad driver, but in this case it's an infectious virus that, well, does infections: it infects nearly every 3rd party .exe file on the computer, and some of the "Synaptics.exe" variants even got modded with Redline stealer. The seller isn't aware of this IT crap; they just grab a system from the internet then dump it in. Please, please, please do a fresh install next time you purchase crap from Taobao or Wish or whatever. And I want to be clear that a lot of computers in China also got infected with these; please, in the comments, don't take that as some kind of "CCP controlled" crap just to monitor people, NO! I work in a security company in China and I know why people made these viruses.

 

Why they target Chinese firms (mostly):

  1. We have a lot of computers
  2. A lot of people that don't understand this kind of security crap
  3. Large base, high infection possibility
  4. ...

 

What for:

  1. Botnet (DDoS, mining, springboard...)
  2. Info stealing (ransom, steal valuable accounts then resell them...)
  3. ...

 

Who are they:

Anyone in the world, basically. I've seen Chinese, Iranian, Polish, British, American, Russian, Ukrainian... They all do that. They're not like a large organization, or it could even be just a single person.

Not everything should be leveled up to nation level.

 

Why are they doing it:

  1. Money
  2. Fun
  3. Boredom

 

I typically strongly recommend that anyone who buys a computer reinstall their system from Microsoft first; benefits include but are not limited to getting rid of bloatware pre-installed by your seller, or even viruses just like this one.

 

 

 

Analysis posts about this virus, in Chinese, found on Google; if you're not interested, don't open them:

https://cn-sec.com/archives/1771743.html

https://www.secpulse.com/archives/192714.html

 

Honestly there's a lot more I haven't said, and the more I learn about the world out there the more I realise how high the barriers are between languages and how little anyone understands anyone.

Maybe that's where all the conflicts in the world are coming from right now.

 

Also, I think nobody that knows computers even a little uses 360 browser; it's more like an ads browser.

They do a great job with their security software, it's so much safer than Kaspersky and all that, but I wouldn't install it on any of my computers because if you were to do so you'd have to go in dozens of sub-menus to turn off the adverts.

A lot of Chinese actually don't like this crap, but obviously because of language and cultural barriers and the GFW, not everyone is able to post reviews on the English forum.


The worst part is in the video they connect it to their network... I hope they took some precautions and didn't connect it directly.


I imagine they'd have it in an isolated VLAN which won't allow connection to anything else at the office. 

 

 


I believe @Karthanon is right, considering how in the video they specified that the PC didn't "call home". Probably they were monitoring it with an external firewall.

 


They probably used one of several Steam accounts specifically set up for game testing, so hopefully no financial data is saved on it.

 

Still a galaxy-brain move using the cracked Windows install it came with for game testing though. Who knows what nefarious crap came along for the ride.

I sold my soul for ProSupport.


On 11/26/2023 at 4:14 AM, phatrattyy said:

The worst part is in the video they connect it to their network... I hope they took some precautions and didn't connect it directly.

With the amount of crazy stuff they connect to their network, I'm sure they've got a segmented VLAN or hardware LAN just for stuff like this. Otherwise their channel would be streaming Elon crypto scams all day every day instead of just the one time.
