Have you heard of the Clampi trojan virus? While troubleshooting my wireless printer recently, I was told my computer was infected by a Clampi virus. Of course I was alarmed, so did a bit of research. This is the information I discovered and wish to share:
- Clampi was first detected in 2008, also known as Ligatus and Ilomo virus.
- Clampi gathers login information from compromised computers through social media platforms like Facebook and Skype to build a botnet, a peer to peer format.This means it spreads by network sharing from infected computers to any computers they have access to.
- The botnet is used to install pay per install malware on compromised computers which generate revenue for the operators.
- When the Clampi virus infects a computer, it sends out messages which direct compromised recipients to download a fake update of Adobe Flash player, through a third party website or infected computer. If recipients download the fake file, the Clampi virus infects their computer. Once that happens, the search engine of the infected computer will be directed to contaminated websites.
- Clampi also has the capability of stealing login information and passwords from online banking and other financially related websites.
- Clampi also has the ability to act as a proxy server making its operators anonymous to heavily monitored and tightly secured financial websites, preventing them from becoming suspicious.
- Links generated by the trojan virus with subject lines like LOL or YOUTUBE (examples) sent between friends infect new computers when the links are opened creating more zombie or host computers.
- Using a sophisticated filter program, Clampi is capable of blocking access to security websites or local firewalls that might detect and prevent the virus from spreading.
- Clampi also uses a password stealing program called Limbo
- systems affected purported to be Windows 2000, 7, 95, 98, Me, NT, Server 2003, Vista and XP.
- Clampi targets thousands of websites around the world.
To prevent Clampi or any other virus from infecting your computer, follow these steps:
- Although most of us are savvy enough to have anti-virus software on our computers, make sure your version is the latest update. Some are free, others you pay for.
- Also make sure you have a firewall installed on your computer. This will monitor the internet connections into and out of your computer.
- Be sure to keep your operating system current with security patches and critical updates.
- Microsoft shows all the current fixes for bugs and security patches on their website.
- Do not click on any suspicious links when surfing the internet, especially the ones you were not searching for.
- Use a prepaid credit card for online shopping. This operates separately from your bank accounts, so your banking details will not be compromised. It also limits the amount of fraudulent activity by restricting the funds available.
- Change your passwords regularly, especially those for financial websites.
- If you suspect your computer has been compromised, change all of your passwords and hire someone reputable to get it fixed.
Make sure your home Wi-Fi network is protected by a password to prevent hackers from accessing your files and information.
As I am not the most tech-savvy person, I would appreciate any further information, comments and suggestions for consumer protection on this topic.