This is probably not the right community but I haven’t found a better one.
So I watched a video from Seytonic where he mentiond that some malware creates a windows link with the name of the usb on a usb. So I checked my usb because I remembered that I had to click 2 times on my usb to opened it. I found a link that contained cmd.exe and a name of a file next to it. Upload to the virustotal showed Raspberry Roblin worm.
I use Linux but my familly uses windows so I will have to go through all familly computers and remove the worm. Where can I find info how to remove this specific worm - Raspberry Roblin? On google I found a description about how the worm works but not specific files it creates and how to remove it.
The first page that shows up is microsoft.com and it says that windows defender detects the worm, but clearly it doesnt.
Edit: The worm was on one computer and it did not have windows defender installed. Seems like malware removed it and also disabled automatic updates. I installed MalwareBytes and sucessfully removed the worm :)
Thank you for the link, it will help for sure!
I (not me but my family) always used just default Windows Defender but I heard good things about Malware bytes and BitDefender, I’ll checked them out.
Bitdefender usually goes on sale too - check for coupon codes, don’t pay full price. Plus you get like 5 devices with your license IIRC. Worth a shot
Oh it’s paid… I would rather install Linux, I don’t pay even for Windows.
And you got what you paid for, no?
I believe there is a free version as well but don’t think just because you’re installing Linux that you’re somehow safer.
There was just a package that was essentially socially engineered into by a hacker, who then had full access to everyone’s shit.
All because a GitHub author was pressured into letting them contribute to code. Mac/Apple are no different and starting to be more and more vulnerable as the “security by obscurity” wears off.
Free tools are fine and well, but that stuff is done for free. Including maintainence and everything else. In times like these, ain’t nobody got time for that anymore. People need to make a living and you will see degradation in the products thusly
Windows defender along with a system hardener (like hard_configurator) can actually be quite insanely strong, especially since windows defender starts working and blocking stuff long before non-system apps, which can be a big boon. This approach is also free (if you have windows) which seems to fit your needs!
I’d start with a offline scan.
If possible wipe the drive from Linux and reinstall Windows. Be mindful of any files as documents and other files can sometimes hide things. Make sure you reset all passwords as well. Start with email passwords and then go up from there.