Yes, by all means, post the link here in public so that stupid people will click on it and get infected.
Once at the site, it tries to stealth-download something into your computer without giving the user any prompts on where to download to, and immediately infects you
If it's as bad as you say, why would you actually post it here in public? Also, I'd say that it's just bad configuration of your browser.
Read this: https://blog.malwarebytes.org/fraud-scam/2014/11/rogue-scr-file-links-circulating-in-steam-chat/
Comment has been collapsed.
Uhm, no. You're completely mistaken. I wouldn't post a direct link to a trojan.
Allow me to further embellish on the link in the opening post to put your mind at ease. The first is completely made up, the second is a link to a summary image I hurriedly made in MSPaint.
But seriously, it would be great if everyone could stop calling everything and everyone 'stupid'.
Also, while that link of yours is related, the actual extension at the end of the trojan's vector message is .JPG, and is fully automated after it hits its first victim. That's exactly why this thread exists. Downloading suspicious, unknown files is a far cry from opening a literal image link coming through from a steam friend.
Comment has been collapsed.
This happened to me a few weeks ago from a not so close steam friend saying "Is this you in the picture? ...link to jpg image My antivirus went nuts when i clicked on it but thankfully it stopped it there! Be careful!
Comment has been collapsed.
I had one of this .SCR files on my computer because of a misclick... Deleted it from my desktop. I logged out of steam an scan my PC with two different scanners and MAM but there was nothing. After that i change my password and email. You need to open the file because every .SCR file needs to be installed first. After i download this file i was not so dumb to open it.
Comment has been collapsed.
A scam in common usage is to denote a personal and direct attempt upon bilking you out of what is yours. This is an indirect attempt, hence why we have terms like "malware", "trojan", "dialer" and so forth. Your choice of words is misleading, and was used to imply people were blind to something that is normally loaded with obvious tells, whereas this thing in particular preys upon a singular common pattern in conversation between friends by using friends lists and apparent direct image links as a vector.
What's not to get, here? :P
Comment has been collapsed.
nothing new at ALL...welcome to the internet and the conclusion that you can bind a executable file to a picture (any sort of file) file....that was possible already 15 years ago...
Comment has been collapsed.
Really. I was under the impression that this only works if you open the fake image file from your computer. Trying to -VIEW- an image on a website, even faked, wouldn't try to launch an executable locally would it? Much less bypass the UAC and attempt to shove an .SCR into your computer and -then- execute it afterwards? :v
Comment has been collapsed.
I don't get this scammers (or what ever they are called). In the last month i got around 20 of those fake profile friend request i didn't answer any of them, but they are getting even more persistent then before. And also i don't understand how, can they even fool anyone who knows just a little the steam platform, most of their profiles are private a lot of them have either 1 or none games and most of the times they have really one or maybe three to four friends.
Comment has been collapsed.
when I saw the link, I deleted the comment instantly
Comment has been collapsed.
Yeah I had at least 3 or 4 of those bots posting on my profile, they're more annoying to report/remove than to just ignore their friend invite.
Comment has been collapsed.
Ingoring an steam invite is same as ingore you know. Im getting annoyed blocking them then reporting. Just deny and report em. Also the chance you encounter an bot also depends on your popularity: if you an active steam user/trader/whatever,there's an higher chance of getting it.
Comment has been collapsed.
I saw a guy a few posts ago mistakenly thinking you posted the ACTUAL link that you received......but.....(and bear with me on this one)......How about if your summary picture on the scam was actually the real trojan? You posting on here, in this way, would garner many more clicks than an obvious fake picture sent from a "friend" you've spoken to probably once in the 9 months you've been on each other's lists, and you only arrived there because of a trade for a bundle game and were just too polite to remove each other.
People.....This IS Inception!!
Comment has been collapsed.
How to prevent of getting this sht: never click on any links even if it is from a friend, click only after asking him what it is, and of course disable automatic download, choose: always ask whether to download the file or not, and even if you don't do anything from this at least use nod32, other antivirus softwares are just piece of fcking sh*ts
and btw. WELCOME TO THE INTERNET, YOU MUST BE NEW HERE
Comment has been collapsed.
You make it sound like it's not common for a Windows machine to get viruses every now and then.
IMHO you should change the headline to:
It's just a normal day for Windows users. Move along, nothing to see here.
I couldn't care less about viruses, really.
Comment has been collapsed.
Mac and Linux users are safe (as always) because nobody cares enough about those OS's to write a virus or trojan for them
Comment has been collapsed.
Yes, safety through obscurity, but only to a certain extent. You also show ignorance and complete lack of understanding of how Unix-like operating systems work. I didn't expect more from a person with Razer logo as their profile picture anyway.
Comment has been collapsed.
Yes, I know nothing of *nix OS's, despite running a Linux server myself....but then that's just ignorant
Comment has been collapsed.
SO because my server runs Linux, I should be one of those sad, real-ale-drinking fanboys for it? No, thanks, I like gaming too much. Admittedly, recently Linux and MAC are getting their shit together regarding games but it doesn't change the fact that nobody really cares about the OSs, apart from the said real ale drinking fanboys.
Also, I find it interesting how you equate me liking a picture with the image having an exact lineage to my intelligence and ignorance level.....Who's the sad one now?
Comment has been collapsed.
Really? THAT is the best you can come up with? OK, whatever, I'll leave you to your incessant ramblings as you're obviously one of those pathetic keyboard warriors who come online just so they can cause an argument, (if that isn't your intent, you might wanna reel it in a bit because it kinda looks like it is). I'm not sure where/what in my initial post you got all butthurt over but I didn't intend for anybody to take a personal affront to anything I said. I wish you a good day ahead of you, nevertheless. Take care :)
I guess it is true what they say.
"How to start an argument on the internet in 2 simple steps" 1. Post an opinion. 2. Wait...
Comment has been collapsed.
I don't have to come up with anything. You're not posting opinions, but false claims - that nobody cares about Linux and Mac and that that's what makes them safe from viruses and bad for gaming. I'm not butthurt, you're talking nonsense, simple as that.
Comment has been collapsed.
If you could give this just a slightly more serious tone, that'd be great, because the way you put it just looks like as if you were telling a joke or laughing at naive users. Which, in fact, is not the case. I know, but still... Disturbing. What I mean is the summary image. Like wtf. You won't actually see any image. Therefore it's incorrecto.
And just for the record: no virus was detected (MSE).
Comment has been collapsed.
That's funny, because most of the responses have been taunts implying anybody would would even click a direct image link are 'stupid' and should know better... which is kind of the opposite. I've tried re-wording it a few times and people are pretty much just reading what they want to read.
And actually while your link is an example of it, was that guy even on your friends list?
Part of what I was warning against was the spread through your friends list and giving little context for the image link, minimising the signals of something bad being afoot.
Comment has been collapsed.
He wasn't on my buddy list, but today I just got the same from a friend, so... Yep, it's spreading, and it's definitely not just fake accounts. Even decent people can fall for it, especially youngsters or people who don't have the skills. And I don't know what's wrong with clicking on an image link. I clicked on it too. I didn't open it, but I clicked on it. And it's not stupid, I did it to report it if it's something suspicious.
Comment has been collapsed.
Confirmed, if anyone is interested and knows anything about PC stuff, here is it's 'name' : Trojan Horse MSIL5.BFKX. AVG all the way, got rid of it.
Comment has been collapsed.
Copy pasted the link and it tried to download, cancelled, deleted and reported. Damn people in this thread are condescending. You're telling me you never EVER open links a friend sends you? Paranoid.. Thanks for the notice OP, been reading gamer news all day and this is the first I've heard about this. Didn't download but running full scan just in case.
Comment has been collapsed.
Just a little bump for the edit. This direct image-link trojan bait has now started being posted as random messages on your steam profile, claiming to be some form of inventory screenshot for a potential later trade arrangement. Once again, it relays through steam friends comments so be careful~
Comment has been collapsed.
Comment has been collapsed.
This has been going on for a long time, I get a request a few times a week, if you notice the link actually takes you to a .scr file (Windows screen saver) which can contain executable code, at least on non-penguin friendly OSes from Microsoft. Being a penguin (Linux user) can make you immune. ;)
Comment has been collapsed.
103 Comments - Last post 7 minutes ago by nsxhitman
34 Comments - Last post 1 hour ago by Formidolosus
16,725 Comments - Last post 1 hour ago by Kenruyoh
329 Comments - Last post 3 hours ago by Tsukichild
49 Comments - Last post 3 hours ago by wigglenose
409 Comments - Last post 3 hours ago by WaitingforGodot
353 Comments - Last post 5 hours ago by Mayanaise
134 Comments - Last post 4 minutes ago by PonBaron
6,643 Comments - Last post 5 minutes ago by Oppenh4imer
1,423 Comments - Last post 6 minutes ago by Sikgel
32 Comments - Last post 8 minutes ago by Cassol
29,716 Comments - Last post 11 minutes ago by Ner72
30 Comments - Last post 20 minutes ago by FateOfOne
9,938 Comments - Last post 21 minutes ago by CurryKingWurst
Edit : The latest mutation appears to be targetting profile comments, claiming to be an inventory screenshot of someone who wants to set up a trade, but still operates in the same way. Be careful!
~~
There is a recent trojan with a little twist going around like wildfire at the moment.
Instead of the usual dumb link to an obvious malware site or infected file, this trojan instead travels through your steam friends lists, and appears as a direct link to an image file on a normal image hosting site. Now, think about this for a moment, if a close friend of yours sent you a message saying "Wow, some people : http://photo-wrangler.net/12513.JPG" you probably wouldn't think twice about clicking it, would you?
When you try to access the site, it attempts to stealth-download something (usually an .scr) into your computer without giving the user any prompts such as the usual "save to" dialog box, immediately infecting you and relaying the same message to everyone on your steam friends list. People have said that this trojan is designed to get access to your steam inventory and gift your gear away to a bot, but I cannot confirm that. I would be more worried about it leaving keyloggers or taking your account password. If you have a good antivirus or anti-malware installed, you will probably get an interrupt-alert that prevents it if you try to visit in a browser window external to steam, but I would still be careful because these kinds of things tend to try adapt over time.
For reference, the message itself (at this point) appears to be : "WTF?????? [evil link].JPG"
If you got this message, don't click it, alert the sender that they're infected, and advise them to scan for malware / look for keyloggers in their active processes, and then to change their password.
.
TL;DR VERSION :
There is a trojan going around the steam friends lists that is using a direct image link instead of a suspicious file. It is literally a link to a .JPG file that looks like a random piece of humour/news.
Here's a quick summary image I made myself of what to look out for : http://i59.tinypic.com/2mg2uth.jpg
Seriously. Yes. It is that easy to get caught by it. No, it isn't a joke. That image I just posted is a reminder that if you think your shit doesn't stink just because you don't open random .XLS and .EXE files, consider how the average steam conversation goes, and how innocent image links can seem and slip by your guard.
Comment has been collapsed.