Tuesday, September 15, 2009

Oh, Bugger!

The moral of the story is: don't watch videos on Facebook.

So I was eating lunch at my desk and I see a post from a Facebook friend saying that they have a new video up. I decide to give it a look and it tells me I need to update my Flash Player. Oh yeah, there was a thing recently about updating Adobe Flash Player, had I done it on this machine yet? I click the link and run the executable.

Nothing happens.

About that time I notice the URL in the Facebook page hosting the video and guess what: it gives an IP address. It does not say Facebook.

Well shit.

About that time a window pops up from Windows Defender informing me that a bit of malware is trying to run on my machine and asking me if I want to remove it. I say that I do. Whew, that was close, but thank god for Windows Defender.

I resume my normal surfing and see a new installment of Penny-Arcade has posted, so I click the link and I get sent to a page that has nothing to do with Penny-Arcade.

Shit, shit, shit. I know what's happened before the pop-ups start hitting. I instinctively type in a search for MBAM, the anti-malware software that was recommended to me by our IT person (who was conveniently not in the office today). It came back with an unloadable page. I open the downloads page of my browser, but it's empty. I was infected.

I then remembered that I had previously installed MBAM and started running it. Eight minutes later, it had found 14 malicious files. I left a message for my Facebook friend that she was, like me, mostly infected with Koobface and that she needed to scan her machine and notify Facebook. All in all, it took three scans and about three hours for me to finally get every last trace of it off. So much for Windows Defender.

And I know better than to run strange executables. But I let my guard down for a second and it cost me an afternoon. The worst part was that I had everything open when the infection struck. I had Gtalk running, my DropBox was active, my e-mail and Twitter and Facebook clients were open. Koobface is geared towards social network sites, so I had to change those passwords. If anything in my DropBox got infected it could infect other computers I use. And if anyone ever got my e-mail password, they could get into everything: my online banking, my auto insurance, everything.

So I had to come up with new passwords for everything, which means my clients are all going to need to be reconfigured, and I'm a programmer: passwords have upper and lower-case letters, numbers, and if I'm feeling really ambitious at least one non-alphanumeric character, the latter of which, incidentally, aren't supported by Bank of America's website. And God, did BOA piss me off; nothing like a minor security crisis to make you remember how cruddy your bank's web interface is.

All I wanted to do was change my password. But I couldn't find it. Account settings only applied to Bank Accounts. I could change my address or order checks, but I couldn't change my password. In one FAQ menu I found a Live Help Chat, so I opened that up giving it my full name. Twice. The conversation went something like this:

Pablo: Hello, my name is Pablo, and thank you for using Bank of America's automated support. How can I help you make better use of our products and services?

Me: I need to change my password but I can't seem to find it.

Me: Oh, nevermind, I just found it. Thanks anyway.

Pablo: I understand that you need help changing your password. I'm sorry that you're having difficulty.

Me: Thanks for your time, you might let your tech department know that it's a bit hard to find the password change page on your site.

Pablo: I can walk you through the steps to do that.

Part of the reason it was so hard to find was that BOA's website refers to your "password" as a "passcode". I suppose this is meant to be hip and trendy. In reality, all it does is foil the site-search.

So I got to experience BOA's web-non-savvy once more. And I got to fight with a virus all afternoon. And I got to endure the jeers of being "Malware Man" for a day. And I have a whole new set of passwords to re-memorize. And then I get home and manage to lock myself out of my own Twitter account.

So that's my Monday. How was yours?
