Today I received an email from my Internet service provider telling me that there was some sort of malware on one of my home IPs and asking me to download some antivirus software. The antivirus software list links directly to the Norton, McAfee and AVG websites.
I'm not sure whether this email is fake, as I have never received virus warnings from my ISP before. But it says it has something to do with xcodeghost. I'm not sure what that is, but from searching online it has something to do with iOS / Mac; however, the email is specifically asking me to look at a Windows machine.
I'm totally confused and have no idea what to do. Here is the snippet from my email:
Dear me,
AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection (“xcodeghost”) was observed on Oct 12, 2015 at 5:00 AM EDT from the IP address xx.xx.xx.xx . Our records indicate that this IP address was assigned to you at this time.
Infected computers are often used as part of a zombie computer network (“botnet”). Botnets are networks of computers which have been infected with malware and placed under the control of a hacker or group of hackers. They are often used for attacks on websites, spamming, fraud, and distribution of additional malware.
Because malware is designed to run in secret, an infected computer may display no obvious symptoms.
To address this matter we ask that you take the following actions.
If your computer(s) are managed by an Information Technology (IT) group at your place of work, please pass this information on to them.
If you use a wireless network, an infected computer may be using your Internet connection without your knowledge. Ensure that your wireless router is password-protected and using WPA or WPA2 encryption (use WEP only if WPA is not available).
Check the connections to the router and ensure that you recognize all connected devices.
Ensure your firewall settings and anti-virus software are up-to-date, and install any necessary service packs or patches.
Scan all systems for viruses and other malware.
Additional tools and information:
Tools for removing rootkits, bots, and other crimeware:
Norton Power Eraser: https://security.symantec.com/nbrt/npe.aspx (Windows)
McAfee Rootkit Remover: http://www.mcafee.com/us/downloads/free-tools/rootkitremover.aspx (Windows)

Tools for general virus and malware removal:
Microsoft Safety & Security Center: http://www.microsoft.com/security/ (Windows)
Malwarebytes Anti-Malware: http://malwarebytes.org/ (Windows, Android)
Spybot +AV: http://www.safer-networking.org/ (Windows)
OS X Gatekeeper: http://support.apple.com/kb/HT5290 (OS X)

AT&T Malware and Network Security analysts gather weekly to give you the information that you need to know about the latest security news and trends. Visit AT&T ThreatTraq at http://techchannel.att.com/showpage.cfm?ThreatTraq
Type: xcodeghost
Source port: 53105
Destination port: 80
I have lots of Windows and iOS devices at home, so I have no idea where to start.