What is the Clampi trojan virus and how to protect your computer from it

Have you heard of the Clampi trojan virus?  While troubleshooting my wireless printer recently, I was told my computer was infected by a Clampi virus.  Of course I was alarmed, so did a bit of research.  This is the information I discovered and wish to share:

  • Clampi was first detected in 2008, also known as Ligatus and Ilomo virus.
  • Clampi gathers login information from compromised computers through social media platforms like Facebook and Skype to build a botnet, a peer to peer format.This means it spreads by network sharing from infected computers to any computers they have access to.
  • The botnet is used to install pay per install malware on compromised computers which generate revenue for the operators.
  • When the Clampi virus infects a computer, it sends out messages which direct compromised recipients to download a fake update of Adobe Flash player, through a third party website or infected computer.  If recipients download the fake file, the Clampi virus infects their computer. Once that happens, the search engine of the infected computer will be directed to contaminated websites.
  • Clampi also has the capability of stealing login information and passwords from online banking and other financially related websites.
  • Clampi also has the ability to act as a proxy server making its operators anonymous to heavily monitored and tightly secured financial websites, preventing them from becoming suspicious.
  • Links generated by the trojan virus with subject lines like LOL or YOUTUBE (examples) sent between friends infect new computers when the links are opened creating more zombie or host computers.
  • Using a sophisticated filter program, Clampi is capable of blocking access to security websites or local firewalls that might detect and prevent the virus from spreading.
  • Clampi also uses a password stealing program called Limbo
  • systems affected purported to be Windows 2000, 7, 95, 98, Me, NT, Server 2003, Vista and XP.
  • Clampi targets thousands of websites around the world.

 

To prevent Clampi or any other virus from infecting your computer, follow these steps:

  • Although most of us are savvy enough to have anti-virus software on our computers, make sure your version is the latest update. Some are free, others you pay for.
  •  Also make sure you have a firewall installed on your computer.  This will monitor the internet connections into and out of your computer.
  • Be sure to keep your operating system current with security patches and critical updates.
  • Microsoft shows all the current fixes for bugs and security patches on their website.
  • Do not click on any suspicious links when surfing the internet, especially the ones you were not searching for.
  • Use a prepaid credit card for online shopping.  This operates separately from your bank accounts, so your banking details will not be compromised.  It also limits the amount of fraudulent activity by restricting the funds available.
  • Change your passwords regularly, especially those for financial websites.
  • If you suspect your computer has been compromised, change all of your passwords and hire someone reputable to get it fixed.
  • Make sure your home Wi-Fi network is protected by a password to prevent hackers from accessing your files and information.

     

    As I am not the most tech-savvy person, I would appreciate any further information, comments and suggestions for consumer protection on this topic.

Advertisements

11 thoughts on “What is the Clampi trojan virus and how to protect your computer from it

  1. My biggest recommendation is to remove and never use Adobe Flash. It is a known security risk at many levels and there are active efforts to remove it from use. Even Adobe is working on converting from flash to HTML5.

    and be very careful about what websites you visit. Not everybody out there is your friend.

    Also, for most folks you should treat your passwords for your system, WIFI, FB, etc, like you do your toothbrush: don’t share and change regularly.

    Liked by 2 people

  2. Got the clampi virus last night what do I do I called the number the error said and they wanted to chargemeoutrageous price to fixit they said it was through my network IP address. And the ip addresses blocked how do I fixthat

    Liked by 1 person

Your two cents are valuable to me, please deposit them here!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s