Convincing YouTube look-alike fires RIG Exploit Kit

I’m confused… I don’t understand the second part. So I am clever enough not to fall for the first trick. What is the second trick? How do I avoid the trick. For example, I see the advertised video and I want to see the obviously exciting video of a dad catching his daughter stripping on a webcam. I click on a link and am taken to a fake flash update page. This looks suspicious to me and I don’t click on the link.

Am I infected with the other one automatically? Or do I have to click something to get the virus? Is my only hope a real-time virus program?

I’m under the impression that Malwarebytes CHARGES for real-time protection, so I would have to pay you or get a different anti-virus app to protect me in real time.

Is that my only hope?

I’m sorry if I am being obtuse, I just don’t understand this blog completely. Thank you,

Malwarebytes Anti-exploit should handle it. But I recommend paying for MBAM (Check NewEgg.com and Amazon.com for MBAM Pro Lifetime license. You pay more for it but its worth the lifetime license.)

Tom, if you aren’t using any kind of real time protection or Anti-Exploit solution, you are putting yourself at more risk than I think you want. If you are using a post-infection scanner, like MBAM Free, then at least you can remove most malware after you have been infected by it.

Malwarebytes Anti-Exploit can be downloaded for free and it will protect you from browser threats such as the one listed above.http://www.malwarebytes.org/antiexploit/

Hi Tom,

Sorry for not being clear enough on this. The second trick relies on users having outdated software (in particular their browser and plugins). It exploits them doing something called a drive-by download. This requires no user interaction at all… the simple fact of visiting the page is enough to get infection (with the only requirement being vulnerable software).

The best defence against this is to always make sure your computer has the latest updates installed. Also, since most of these attacks rely on popular software such as Java or Reader, you may want to disable their browser ‘add-on’ or uninstall the software completely if you feel you do not need them.

Malwarebyes Anti-Exploit is additional piece of mind that even if your plugins are outdated or in the more rare case of a zero-day (even the most up to date systems are vulnerable) you are covered. It is free as mentioned below by my colleague.

P.S. I’ll update the blog post to make this point more clear. Thanks for the feedback!

Are those lifetime licences a scam? I had never heard of them before.

They are not (if you buy a legit copy). Malwarebytes used to sell them, but now that they are growing and their costs have increased they moved to a yearly subscription. It’s still a really good deal ($353 PCs for a year).

Malwarebytes made an announcement earlier this year when they released 2.0 that they would only sell 10,000 more lifetime licenses and would continue to honor existing ones. So right now people are still clearing out their inventory and occasionally you can find them for $15 each on Newegg (if you are subscribed to their e-mail adverts)

http://www.newegg.com/Product/Product.aspx?Item=N82E16832562002&cm_re=malwarebytes_anti-malware_lifetime-_-32-562-002-_-Product

I like to install it using the older 1.X version, then upgrading to 2.X. This way the activation key is un-encrypted in the registry allowing for recovery after people throw out their keys 😉

What is the extent of Adobe Flash Player hijacking? I keep getting asked if I want to allow Adobe Flash Player per instance or all going forward – is this also an issue? If so, how do I remove from my machines?
I’ve paid for Malwarebytes Anti-Malware Premium, what else do I need to do as a premium/valued customer?
Any guidance is greatly appreciated…

Hi there,

The Flash Player is widely used so while you may want to remove it, it would certainly degrade your Internet experience. Probably the best thing you can do is to keep it up to date to make sure it is not vulnerable.

It sounds like you may have AdBlock or NoScript installed (the fact you say it’s asking you each time). It’s a nice tool to control what sites are allowed to use JavaScript or Flash, but at the same time it can be annoying to receive that prompt each time.

MBAM premium protects you from malware in real-time which is helpful if you download a fake Flash player or other piece of malware because it can block it before it has a chance to run.
MBAM premium also has website protection, keeping you safe from visiting malicious / misleading URLs.
As an addition I would recommend our free Malwarebytes Anti-Exploit. Since most of today’s threats are web based, this is a great program to have on your machine.

thank you

Hey Fiona, MBAM Premium will run just fine. =)